Sr. Network Security Engineer (F5)

” The Job Description”

1. Strong expertise in F5 Advanced WAF and BIG-IP (LTM: VIPs, Self IPs, SNATs, HA).
2. Identify and clean unused/orphaned IPs on F5 load balancers to improve performance.
3. Review and remove unused, duplicate, or obsolete firewall policies across HQ/DR while maintaining security and compliance.
4. Ensure all changes align with HA and DR requirements.
5. Assess devices, applications, and network components using public IPs.
6. Analyze dependencies and evaluate impact of changes.
7. Classify firewall rules and DNS entries by usage and business criticality.
8. Plan cleanup/migration (timelines, sequencing, rollback).
9. Design private IP ranges aligned with architecture.
10. Audit and clean DNS records without service impact.
11. Perform secure, controlled changes with minimal downtime.
12. Coordinate with cross-functional teams (SOC, apps, ops).
13. Conduct post-change validation for availability, security, and performance.
14. Establish periodic reviews for firewall, F5, IP, and DNS.
15. Maintain detailed documentation for audits and compliance.

Requirements:

• Hands-on NGFW, NAT, and access control management.
• Strong knowledge of IP addressing, DNS, routing, and security architecture.
• Experience in HA/DR, mission-critical environments, and change management.
  

Tagged as: apps, DNS, DR, F5, firewall, HA, HQ, IP, ops., self ips, snats, SOC, vips