Security Research Manager

At F5, we strive to bring a better digital world to life. Our teams empower organizations across the globe to create, secure, and run applications that enhance how we experience our evolving digital world. We are passionate about cybersecurity, from protecting consumers from fraud to enabling companies to focus on innovation.

Everything we do centers around people. That means we obsess over how to make the lives of our customers, and their customers, better. And it means we prioritize a diverse F5 community where each individual can thrive.

At F5, we make apps faster, smarter, and safer. Join our Security Threat Research group as a manager, where cutting-edge security research meets real-world impact. Our team analyzes the latest threats, builds advanced detection techniques, and protects mission-critical systems. We operate in a dynamic and fast-paced environment, constantly evolving with modern technologies. As a team leader, you’ll guide some of the most talented security researchers in the field — and help shape the future of application security.
Position Summary:
As the Security Research Team Manager, you will lead a highly experienced team of researchers focused on web application security, threat intelligence, and detection development. You’ll play a dual role: providing hands-on technical direction in the analysis of web-based threats, and fostering a strong, collaborative team environment through effective leadership and mentorship. You’ll also work closely with cross-functional teams to ensure our WAF and security products are ahead of evolving threats.
Responsibilities:
Lead, mentor, and grow a team of expert security researchers.
Provide technical guidance and review in areas such as web exploitation, WAF evasion, and threat intelligence.
Oversee research into web frameworks, application servers, and modern attack vectors.
Manage the development and continuous refinement of attack signatures to defend against evolving threats.
Drive initiatives around Honeynet deployments, threat intelligence collection, and automated analysis tools.
Coordinate vulnerability replication and PoC development for both internal testing and product validation.
Build and maintain team infrastructure, tooling, and research pipelines.
Promote collaboration between research and development teams to enhance product defenses.
Represent the research team in strategic discussions, roadmap planning, and leadership forums.
Contribute to thought leadership via blogs, reports, and security conference presentations.
Qualifications:
At least 6 years of experience in web application security, with hands-on research or red-teaming background.
Proven experience managing or leading a technical security team, with strong interpersonal and mentoring skills.
Deep understanding of networking, HTTP protocol, web servers, and web application internals.
Extensive experience analyzing and reproducing web application vulnerabilities.
Practical knowledge of WAF evasion techniques and detection logic.
Expertise in creating and analyzing attack signatures (e.g., regex, SNORT-style rules).
Strong coding/scripting skills in Python, including building research and automation tools.
Familiarity with threat intelligence techniques and sources (e.g., forums, CVEs, blogs, honeynets).
Experience with security efficacy testing across WAFs, API protections, and other security products.
Advantage: background in malware analysis or malicious script behavior.
Advantage: knowledge of both front-end and back-end web development.

The Job Description is intended to be a general representation of the responsibilities and requirements of the job. However, the description may not be all-inclusive, and responsibilities and requirements are subject to change.

Please note that F5 only contacts candidates through F5 email address (ending with @f5.com) or auto email notification from Workday (ending with f5.com or @myworkday.com).

Equal Employment Opportunity

It is the policy of F5 to provide equal employment opportunities to all employees and employment applicants without regard to unlawful considerations of race, religion, color, national origin, sex, sexual orientation, gender identity or expression, age, sensory, physical, or mental disability, marital status, veteran or military status, genetic information, or any other classification protected by applicable local, state, or federal laws. This policy applies to all aspects of employment, including, but not limited to, hiring, job assignment, compensation, promotion, benefits, training, discipline, and termination. F5 offers a variety of reasonable accommodations for candidates. Requesting an accommodation is completely voluntary. F5 will assess the need for accommodations in the application process separately from those that may be needed to perform the job. Request by contacting [email protected].