SEARCH JOBS For a well-rounded life.

Seattle
Washington, United States

Team:
IT

Date Posted:
12/15/2017

Requisition Number:
RP1008288

About Us:
As the global leader in Application Solutions, we're looking for people with a passion for breakthrough ideas to help us stay ahead of the competition.
Explore Life at F5

Information Security Program Manager

What are we looking for?

We are seeking a self-driven Information Security Program Manager that will be responsible for managing and executing the security program management, and coordinating with multiple teams.

As Senior member of our team, you will perform as an individual contributor in the Information Security department that coordinates security efforts across the company involving data, network & information technology, and facilities. You will handle security risk assessments, define initiatives to address risks, and develop best-practice standards, policies and procedures.

Here's what you'll do

  • You will coordinate with our Legal and Compliance teams to ensure compliance to our standards by third party vendors and partners
  • You will review customer and third-party contracts
  • Advise our Legal team on security that is meaningful to our customers & third-party contracts
  • Oversee ISO/ISMS and act as primary focal point for internal/external auditors
  • Evaluate audits of internal and external software & services
  • Ensure Information Management Compliance to governmental and industry standards and processes
  • Establish credibility and maintain working relationships with groups involved with information security matters. Some of the teams you'll engage with include: Legal, Business Development, Internal Audit, Fraud, Physical Security, Developer Community, Networking, and Systems, etc.
  • Responsible for building information security as a strength you'll need throughout our relationships with our internal teams/partners/vendor; this includes providing education and training to the organization
  • Integrate information security into our processes and business development.
  • Support our security and legal related requests and projects.
  • Performs other related duties as assigned.

Drive and execute F5’s Information Security Program

  • Partner with teams throughout the company to develop solutions that achieve business requirements while maintaining an acceptable level of risk.
  • Conduct ongoing, systematic assessment of F5 security risks
  • Document risks and recommend initiatives to mitigate risks
  • Drive execution of initiatives as assigned

Develop and maintain F5 security policy, standards and procedures

  • Develop security policy, standards and procedures
  • Ensure compliance through review/audit process
  • Maintain security policy, standards and procedures review process

What are the skills to be successful here?

  • Proven familiarity with systems and network infrastructure security technologies, including application/OS hardening techniques, network protocols, network & application firewalls, intrusion detection systems.
  • Solid hands-on familiarity with security risk-assessment tools & techniques (vulnerability testing, penetration testing, social engineering, etc.) and how to interpret the data.
  • Demonstrated program/project management abilities.
  • Recognizes that policies must be conceived and implemented in the context of a dynamic, customer-oriented, for-profit business environment
  • Be able to communicate and demonstrate your superior interpersonal, planning, documentation, organization, and analytical skills.
  • Show us your ability to act independently; interface with people at all levels in the company, and take initiative to engage internal & external personnel/services to ensure effective & reliable systems.
  • Demonstrate an initiative to engage internal & external personnel/services to ensure effective & reliable systems.

How do YOU qualify?

  • Hold a BS/BA or equivalent work experience in IT related field
  • Provide 3 or more years working in an IT department
  • Show us 2 or more years working as a security engineer or something similar
  • Have a solid grasp of software development lifecycles and working knowledge of Agile methodologies.
  • You should know ISO 27001 (think security); Customer Questionnaires(CSQs), and Security Operation Center standards. Understand evaluating the design and effectiveness of IT controls. Experience in working directly with auditors for these types of assessments.
  • Experience delivering security assurance assessments on schedule.
  • Familiarity with enterprise productivity tools, such as O365, SharePoint, ServiceNow ticketing systems.

#LI-DC1

Equal Employment Opportunity

It is the policy of F5 to provide equal employment opportunities to all employees and employment applicants without regard to unlawful considerations of race, religion, color, national origin, sex, sexual orientation, gender identity or expression, age, sensory, physical, or mental disability, marital status, veteran or military status, genetic information, or any other classification protected by applicable local, state, or federal laws. This policy applies to all aspects of employment, including, but not limited to, hiring, job assignment, compensation, promotion, benefits, training, discipline, and termination. Reasonable accommodation is available for qualified individuals with disabilities, upon request.