Not sure if this is good timing, we have a current opportunity for a F5 BIG IP on a contract basis. The position will be based remotely for now. For further information about this position please apply.
Application Security Manager(ASM)
* To securing existing web applications against vulnerabilities and known attack patterns, protecting sensitive data, and proactively identifying (and possibly blocking) attackers performing unauthorized activities.
* To restrict access to a web application only from those locations identified on a whitelist or to prevent access from certain geolocations.
* To ensure address external traffic vulnerability issues that it might not be cost effective to address at the application level.
* As an interim solution while an application is being developed or modified to address vulnerability issues.
* As a means to quickly respond to new threats. You can tune ASM to block new threats within a few hours of detection if needed.
3. Access Policy Manager
4. Advanced Firewall Manager: BIG-IP Advanced Firewall Manager (AFM) defends against threats to network layers 3-4, stopping them before they reach your data center.
More details on ASM requirement.
* Describe how ASM protects a web application by securing file types, URLs, and parameters
* Deploy ASM using the Rapid Deployment template (and other templates) and define the security checks included in each
* Define learn, alarm, and block settings as they pertain to configuring ASM
* Define attack signatures and explain why attack signature staging is important
* Deploy Threat Campaigns to secure against CVE threats
* Contrast positive and negative security policy implementation and explain benefits of each
* Configure security processing at the parameter level of a web application
* Deploy ASM using the Automatic Policy Builder
* Tune a policy manually or allow automatic policy building
* Integrate third party application vulnerability scanner output into a security policy
* Configure login enforcement for flow control
* Mitigate credential stuffing
* Configure protection against brute force attacks
* Deploy Advanced Bot Defense against web scrapers, all known bots, and other automated a
Job Duration: 6-12+ months