Duration: 12 months Plus
Location: Harrisburg, PA
The F5 Specialist is responsible for leading the design, planning, and implementation of the F5 appliances. The specialist oversees the configuration, operation, and administration of the F5 appliances. This role is the subject matter expert (SME) for F5 capabilities and related technologies. The F5 specialist is expected to mentor less experienced Data Power Specialist and Network Administrators.
Lead the design, planning and implementation of the F5 appliances utilizing best practices of F5 technology along with other aspects of client security.
Architect and engineer the F5 Local Traffic Manager, Access Policy Manager Application Security Manger modules.
Collaborate with Network and Systems Administrators and other support teams for provisioning of Virtual Machines and/or installation of physical devices within the data center, and to ensure secure communication paths for traffic and remote management.
Collaborate with Architects on solutions addressing application delivery, integration, and access control needs.
Configure and maintain the cryptographic elements within F5 including crypto profiles, identification and validation credentials, encryption and signing keys, x509 certificates, and Hypertext Transfer PS front-side handlers, and advises on key rotation and certificate validation and renewal strategies.
Develop iRules and apply rules within the F5 appliances.
Troubleshoot and debug services using problem determination tools and logs provided with the F5 appliances.
Perform the configuration of DataPower Multi-Protocol Gateway (MPGW) and service proxies used to integrate external systems with the client's infrastructure.
Define authentication, authorization, and accounting (AAA) policies on the DataPower.
Monitor security bulletins and mitigate as needed.
Perform and oversee ongoing configuration and administration of the F5 and DataPower appliances (physical and virtual).
Subject matter expert regarding the capabilities of F5 and related technologies.
Conduct detailed research and recommend approaches for identity management and access control.
Influence internal client policies and standards for identity management and access control.
Configure monitoring using Simple Network Management Protocol (SNMP) and off-box logging to Splunk-based Security Information and Event Management (SIEM).
Test F5 and DataPower configurations in non-production environments to ensure they meet non-functional requirements of the system (performance, scalability, resilience, availability, security, etc.).
Implement reusable patterns and writes scripts and programs to facilitate or automate configuration and administration tasks, deployment of applications and services, and migration of service configurations through development and testing environments, to production.
Monitor firmware releases, security bulletins, and vendor notifications. Evaluates, recommends, plans, and applies firmware updates.
Assist in the provisioning of user accounts, access groups, and application domains.
Document operational policies and procedures based on established client requirements and security controls, industry-standard practices and vendor recommendations.
Mentor less experienced team members.
May delegate and follow up on work to less experienced team members.
Required to stay current on industry specific knowledge and emerging technology.
Provide bi-weekly status updates and time reporting.
Other duties as assigned.
Two plus years of experience F5 Local Traffic Manager (LTM), Access Policy Manager (APM), and Application Security (ASM) modules
Strong Application Security experience in application driven e-commerce.
Strong experience with troubleshooting services on F5 appliances.
Administration and monitoring experience with F5.
Demonstrated understanding of administration, security, development, and networks as it applies to F5.
Demonstrated advanced Extensible Markup Language (XML) concepts.
Demonstrated ability to read computer vendor specifications and technical product manuals for implementation, customization and/or administrative purposes.
Demonstrated ability to adjust to future vendor hardware or software changes as new technologies are introduced into the operating system(s) as well as logically diagnosing problems and implementing software fixes or customizations as needed to resolve outstanding issues.
Demonstrated ability to analyze and design new large-scale IT systems and modifications to existing systems that support major agency mission objectives.
Demonstrated communication skills (written and verbal); presentation skills; interpersonal skills; analytical; and consulting type skills.
Experience creating and maintaining technical documentation.
Proficient in Microsoft Office Suite.
F5 Specialist aug 2016.docx 3 of 3
Preferred: certifications – F5 Certified BIG-IP Administrator and/or F5 Certified Technology Specialist.
Bachelor’s degree in Computer Science and two to four years of programming experience or an equivalent combination of training, experience, and skills, and preferred