Senior Architect – Application Security

Job Description:

F5 is seeking a Senior Architect for Application Security to lead technical strategy and architecture across its entire security portfolio including WAF WAAP DDoS mitigation Bot Defense API Security TLS inspection and identity-aware access. This role drives the evolution of F5s security services across SaaS hardware and cloud-native platforms ensuring they are integrated scalable and secure-by-design. As a senior technical leader you will unify architectural direction modernize legacy systems and represent F5s security vision in both internal strategy and external engagements. You will:

• Define the cross-portfolio application security architecture strategy covering hardware software and cloud-native solutions and align it to F5s long-term business and technology vision.

• Establish architectural principles patterns and roadmaps that guide how WAF WAAP API security DDoS identity client-side protection and related capabilities are designed integrated and delivered.

• Lead architectural modernization efforts to evolve monolithic or appliance-based capabilities into composable API-driven services within a SaaS-native security control plane.

• Influence the security posture and innovation roadmap across F5 Distributed Cloud Services BIG-IP NGINX and future platform initiatives.

• Champion architectural governance and threat modeling across teams to ensure scalability observability resiliency and secure-by-default practices are institutionalized.

• Drive cross-functional alignment across product engineering SRE and infrastructure teams to ensure seamless and secure user experiences across hybrid multicloud and edge deployments.

• Mentor a community of senior architects and engineers raising the bar for application security talent across the company.

• Represent F5s technical vision in customer briefings industry forums regulatory discussions and analyst engagements serving as a technical ambassador for application security innovation.
  

Job Duties and Responsibilities:

• Design and validate architecture for WAAP services distributed DDoS protection layers advanced bot mitigation pipelines client fingerprinting fraud prevention engines and access-aware enforcement controls.

• Develop and evangelize reusable security frameworks and patterns across the product portfolio.

• Collaborate with detection teams and data scientists to integrate machine learning heuristics and behavior analysis engines into runtime defense systems.

• Define telemetry feedback loops and attack modeling infrastructure to continuously improve detection fidelity and response agility.

• Work across organizational boundaries to ensure integration of security across the portfolio.

• Guide compliance privacy and regulatory alignment by ensuring architecture supports evolving standards such as FIPS FedRAMP NIST CSF ISO 27001 GDPR and OWASP.

• Drive architectural reviews design validations and threat models to ensure operational security and scalability concerns are addressed early.

• Planning tracking and scheduling software deliverables.
  

Skills and Qualifications:

• 12 years of experience in software and security architecture roles with at least 5 years focused specifically on application-layer security.

• Proven track record architecting complex security systems in domains such as WAAP API security DDoS mitigation bot protection and malware detection.

• Deep understanding of L7 protocols (HTTP/2 HTTP/3 WebSockets gRPC) and application security standards (OWASP Top 10 NIST MITRE ATT&CK).

• Strong technical understanding of TLS certificate management identity and access protocols (OAuth2 OIDC SAML) and secure session management.

• Familiarity with zero trust architectures policy-as-code multi-tenant SaaS designs and runtime enforcement in container-based platforms (Kubernetes Istio Envoy).

• Demonstrated ability to set architectural strategy across product boundaries and influence senior engineering and product leadership.

• Experience designing and implementing distributed cloud solutions at scale.

• Understanding of containers and orchestration technologies.

• Broad understanding of coding and programming languages.

• Extensive knowledge of the software development process and corresponding technologies.

• Excellent understanding of design patterns and architectural styles.

• Proficient knowledge of the operation and development designs of agile software.

• Strong soft skills including attention to detail problem-solving and communication skills.