F5 Principal Enterprise Security Engineer 

United States, Washington, Seattle 

758060770

Reports To:VP of Infrastructure and Security

Infrastructure and Security

Enterprise Security Engineerto design, implement, and manage enterprise-wide security solutions.shape our security strategy across endpoint protection, network, SaaS, IAM, and observabilitywhile aligning to NIST and CIS standards. This role reports to the

Key Responsibilities

• Security Architecture & Governance

• Architect enterprise security solutions across endpoints (EDR/XDR), networks, SaaS, andidentity/infrastructure.

• Ensure compliance withNIST SP 800-53, CIS benchmarks, and FedRAMP (Low/Moderate/High) standards.

• Design for DoD Impact Levels IL‑4 and IL‑5 environments, integrating enhanced controls beyond FedRAMP High

• IAM & Access Management

• Implement and manage IAM frameworks: RBAC, MFA, SAML, OAuth, SCIM.

• Regularly review andoptimizeprivilege configurations.

• Endpoint & Network Security

• Deploy and manage endpoint security tools (e.g., CrowdStrike,SentinelOne).

• Define network security strategies including firewalls (e.g., Palo Alto), micro-segmentation, VPNs.

• andmaintaindevice health assessmentsand dashboardsleveragingdevicetelemetryfromenterprise security tooling.

• Configure andmaintainData Loss Prevention (DLP) tooling & policies

• Support securitydeployments and configurations across multiple operating systems-Windows 10/11, macOS, Window Server, RHEL,Oracle, CentOS

• Experience with Security Service Edge and Software-DefinedPerimeter enablesZTNA solutions such asNetSCOPE, Zscaler, and PAN

• SaaS Security & Cloud Compliance

• Secure SaaS applications using SSPM tools and integrate them into governance frameworks.

• Maintain compliance evidence for FedRAMP/DoD IL audits and ATO packages

• Incident Response & Threat Intelligence

• Lead incident response efforts: detection, triage, investigation, mitigation, and post-mortems.

• Coordinate with threat intel teams to feed strategic threat insights into detection logic and tools.

• Vulnerability Management & Observability

• Own vulnerability scanning, CVE tracking, patch-rollout, and POA&M development.

• Build and tune observability systems (SIEM, EDR, logging, telemetry) to support security posture.

• Automation & Scripting

• Automate security workflows using Python, PowerShell, Bash, or similar languages.

• Integrate automation into tooling forreporting,incident response, compliance, detection, and remediation.

• Collaboration & Communication

• with the CISO and staff to align security initiatives with organizational strategy.

• Communicate technical concepts clearly to leadership, compliance, legal, and engineering teams.

• Develop and deliver security training and awareness for teams across the enterprise.

Qualifications & Experience

• Bachelor’s degree in cybersecurity, computer science, engineering—or equivalent years of corporate security/SOC experience.

• 7+ years in enterprise or cloud security with hands-on background in IAM,endpoint/network/SaaSsecurity, incident management, vulnerability management, and log analytics.

• Compliance Know-How:

• Solid understanding of FedRAMP security controls and audit frameworks.

• Experience with DoD IL‑4/IL‑5 programs—understand added encryption, personnel restrictions, and control overlaysTechnical Skills:

• with tools like CrowdStrike, Palo Alto, F5, Splunk/ELK, and IAM platforms (Okta,Entra ID, etc.).

• Strong scripting/automation using Python, PowerShell, Bash, etc.

• Security Frameworks:NIST SP 800-53/171, CIS Benchmarks, FedRAMP, DoD CC SRG.

• Soft Skills:Strong verbal and written communication; ability to convey complex topics to executives; experience working with stakeholders across multiple time zones.

• BigIP

• Personality Traits: