Senior Network Specialist
1 day ago
Buffalo
Job Description

Position: Senior Network Specialist
Location: Remote
Duration: 6 months plus (high probability of extension)
Start: 10/13

Must have 6+ years experience. Hospital client in Buffalo has a requirement for a Network Specialist. They must have experience with F5 WAF.

Required skills & experience:

Overview:
We are seeking a highly skilled, Information Security focused, F5 WAF Implementation Specialist to join our team on a temporary contract basis. The contractor will be responsible for implementing and optimizing F5 Web Application Firewall (WAF) solutions to enhance the security posture of our public-facing applications and APIs. This role is critical in mitigating common web threats, including those identified in the OWASP Top 10, while ensuring minimal disruption to business operations.

Key Responsibilities:
• Lead the deployment and configuration of F5 WAF across multiple public-facing applications and APIs.
• Collaborate closely with application analysts and stakeholders to understand application architecture, functionality, and traffic patterns.
• Design and implement WAF policies and rules based on industry best practices and tailored to specific application needs.
• Conduct impact assessments and risk analysis to ensure WAF implementation does not adversely affect application performance or availability.
• Develop and execute testing plans to validate WAF configurations and ensure effective threat mitigation.
• Monitor and fine-tune WAF policies post-deployment to optimize protection and minimize false positives.
• Document configurations, processes, and lessons learned for knowledge transfer and future reference.
• Provide guidance on WAF lifecycle management, including updates, tuning, and integration with broader security infrastructure.

F5 Qualifications:
• Extensive hands-on experience with F5 WAF (ASM/Advanced WAF) in enterprise environments.
• Deep understanding of web application security, including OWASP Top 10 vulnerabilities and mitigation strategies.
• Proven ability to work with cross-functional teams, especially application analysts and developers.
• Strong knowledge of F5 BIG-IP platform, including LTM and iRules.
• Experience with change management and downtime minimization strategies.
• Excellent troubleshooting, documentation, and communication skills.

Security-Focused Qualifications:

1. Knowledge of Security Frameworks & Standards:
• Familiarity with NIST Cybersecurity Framework (CSF), especially the "Protect" and "Detect" functions as they relate to application security.
• Understanding of MITRE ATT&CK techniques relevant to web application threats (e.g., credential access, injection, and exploitation).
• Experience implementing controls aligned with ISO/IEC 27001 and CIS Controls, particularly:
  • CIS Control 9: Limitation and Control of Network Ports, Protocols, and Services.
  • CIS Control 13: Data Protection.
  • CIS Control 14: Security Awareness and Training (for rule tuning and false positive management).

2. Threat Modeling & Rule Design:
• Ability to perform threat modeling to identify potential attack vectors and inform WAF rule creation.
• Experience designing custom WAF signatures and policy tuning based on application-specific threat profiles.

3. Advanced WAF Rule Management:
• Proficiency in configuring F5 Advanced WAF features, such as:
  • Behavioral DoS protection
  • Bot defense
  • Threat campaigns
  • Geolocation and IP intelligence
• Experience with Layer 7 DDoS mitigation and rate limiting strategies.

4. Security Logging & Monitoring Integration:
• Ability to define alerting thresholds and log retention policies in accordance with compliance requirements.

5. Compliance & Regulatory Awareness:
• Understanding of PCI-DSS, HIPAA, or GDPR requirements as they relate to web application security and WAF configurations.

6. Zero Trust & API Security:
• Familiarity with Zero Trust Architecture principles and how WAF fits into perimeter and micro-segmentation strategies.