Security Researcher

RP1022345Tel Aviv

Job Description

About The F5 Security Research Team

At F5, we make apps faster, smarter, and safer. Come work within the security threat research group in an exciting, fast paced environment. Our team is performing the analysis of the latest security threats, detection and mitigation of our security solutions, as well as pen testing of F5 products. The team works in an intensive environment, and is constantly updated with the latest modern technologies. Come and join the best in their field!

Position Summary:

Being a part of a highly experienced Security Research team, while specializing in web vulnerabilities analysis, threat intelligence and Honeynet projects. The team is handling the research of vulnerabilities and malware, evolving threats analysis, development and updates of attack signatures and product-hacking.

Responsibilities:

  • Research of web frameworks and servers to understand the emerging threats.
  • Analysis of newly published web application vulnerabilities and their reproduction.
  • Specializing in WAF evasions and trying to bypass our technology before the hackers do.
  • Innovating by building proof of concept solutions for sophisticated threats, as well as ongoing development of attack signatures -- working together with the development teams to improve the WAF product based on the gathered research.
  • Mining WebSec related intelligence from blogs, forums, conferences and academy papers.
  • Developing attack-analysis tools and research infrastructure.
  • Publishing blogs and reports.

Qualifications:

  • 2 years experience or more in web exploitation or real web attacks analysis.
  • Strong understanding of internals of general networking, HTTP protocol, web servers and web applications -- a must.
  • Experience in monitoring web vulnerabilities as they come out.
  • Low-level understanding of security principles, theories and known attack vectors.
  • Experience in developing research infrastructure and tools in Python - Advantage.
  • Hands-on experience in attack signatures crafting (e.g. SNORT) - Advantage.
  • Experience in binary malware and analysis of malicious scripts - Advantage.
  • Experience in web development (front/back end) - Advantage.
The Job Description is intended to be a general representation of the responsibilities and requirements of the job. However, the description may not be all-inclusive, and responsibilities and requirements are subject to change.

Phishing Alert

Please note that F5 only contacts candidates through F5 email address (ending with @f5.com) or auto email notification from Yello/Workday (ending with f5.com or @myworkday.com).

Equal Employment Opportunity

It is the policy of F5 to provide equal employment opportunities to all employees and employment applicants without regard to unlawful considerations of race, religion, color, national origin, sex, sexual orientation, gender identity or expression, age, sensory, physical, or mental disability,marital status, veteran or military status, genetic information, or any other classification protected by applicable local, state, or federal laws.This policy applies to all aspects of employment, including, but not limited to, hiring, job assignment, compensation, promotion, benefits, training, discipline, and termination. Reasonable accommodation is available for qualified individuals with disabilities, upon request.