mid Security Analyst ic · Posted Jun 14, 2026

About this role

F5 Networks is hiring a mid-level Security Analyst based in Warsaw, Poland. The posting calls out experience with Python, AWS, Azure, SQL.

Role
Security Analyst
Function
security
Level
mid
Track
Individual contributor
Employment
Full-time
Location
Warsaw, Poland
Posted
Jun 14, 2026
AI Summary
Senior Security Researcher conducting threat hunting and penetration testing on internet-facing traffic management platforms. Requires deep technical analysis of intrusions, malware detection, and development of detection logic using CrowdStrike Falcon and Netskope telemetry. Works within Office of CISO on mission-critical systems.

Job description

from F5 Networks careers

At F5, we strive to bring a better digital world to life. Our teams empower organizations across the globe to create, secure, and run applications that enhance how we experience our evolving digital world. We are passionate about cybersecurity, from protecting consumers from fraud to enabling companies to focus on innovation. 
 

Everything we do centers around people. That means we obsess over how to make the lives of our customers, and their customers, better. And it means we prioritize a diverse F5 community where each individual can thrive.

Position Overview

F5 is seeking an experienced Senior Security Researcher conduct threat hunting and penetration testing for internet‑facing traffic management and security platforms that sit in front of critical applications, identities, and APIs, making them a high‑value control point for availability, performance, and security.

You will work within the Office of the CISO, partnering with cross-functional engineering, security and GRC teams to strengthen posture of large‑scale, mission‑critical systems.

Key Responsibilities

  • Conduct proactive, intelligence‑driven threat hunts across endpoint, network, SaaS, and cloud data to identify activity that evades traditional security controls.
  • Develop and test hunt hypotheses based on MITRE ATT&CK, adversary TTPs, emerging and stale vulnerabilities .
  • Familiarity with CrowdStrike Falcon (EDR/XDR) and/or Netskope (SSE/CASB/SWG) telemetry to detect suspicious behaviors, lateral movement, and data exfiltration patterns.
  • Perform deep technical analysis of intrusions, malware, and tools; reconstruct attack chains and identify root cause and detection gaps.
  • Contribute to detection logic, advanced queries, and automation (e.g., Falcon queries, Netskope policies, SIEM/SOAR content) to operationalize hunt findings at scale.careers-peraton.
  • Produce high‑quality written and verbal reporting, clearly explaining complex intrusions and risks to both technical and executive stakeholders.
  • Partner with SOC, IR, red team, and CTI to validate prevention/detection coverage and tune controls against real‑world attack scenarios.
  • Mentor junior analysts/hunters and help mature hunt methodologies, playbooks, and metrics.

Required Qualifications

  • 5–8+ years of hands‑on experience in cybersecurity (Pentestng, IR, threat hunting, or threat intel), including direct ownership of complex investigations.
  • Strong proficiency with at least one EDR/XDR platform, preferably CrowdStrike Falcon (queries, detections, RTR, dashboards) and/or Netskope (DLP, CASB, SWG, inline policies).
  • Deep understanding of Windows and Linux internals, network protocols, and common attacker tradecraft (persistence, lateral movement, credential access, C2).
  • Experience building and running hunts using SIEM/log platforms (e.g., Splunk, LogScale, Elastic, Sentinel) and writing complex queries for anomaly detection.
  • Solid working knowledge of MITRE ATT&CK and its use in structuring hunts and mapping detections.
  • Strong scripting/query skills (e.g., Python, PowerShell, KQL, SQL or similar) to automate analysis and hunting workflows.
  • Excellent communication skills: able to turn raw telemetry and technical findings into clear recommendations and executive‑ready summaries.
  • Work with a Global team with  follow the sun model, able to hand off complex work items, documentation and knowledge share for security or time bound events.

Preferred Qualifications

  • Prior experience in a dedicated threat hunting, research or  Red Team at a large enterprise, MSSP, or security vendor.
  • Experience investigating attacker activity in Azure, AWS, or major SaaS platforms (O365, Google Workspace, Salesforce, etc.).
  • Published security research, conference talks, or public write‑ups on threats, detections, or hunt methodologies.
  • Relevant certifications (e.g., GCTI, GCIA, GCFA, GNFA, GREM, OSCP, CRTO) are a plus.

The Job Description is intended to be a general representation of the responsibilities and requirements of the job. However, the description may not be all-inclusive, and responsibilities and requirements are subject to change.

Please note that F5 only contacts candidates through F5 email address (ending with @f5.com) or auto email notification from Workday (ending with f5.com or @myworkday.com).

Equal Employment Opportunity

It is the policy of F5 to provide equal employment opportunities to all employees and employment applicants without regard to unlawful considerations of race, religion, color, national origin, sex, sexual orientation, gender identity or expression, age, sensory, physical, or mental disability, marital status, veteran or military status, genetic information, or any other classification protected by applicable local, state, or federal laws. This policy applies to all aspects of employment, including, but not limited to, hiring, job assignment, compensation, promotion, benefits, training, discipline, and termination.  F5 offers a variety of reasonable accommodations for candidates. Requesting an accommodation is completely voluntary. F5 will assess the need for accommodations in the application process separately from those that may be needed to perform the job. Request by contacting accommodations@f5.com.

More roles at F5 Networks

Principal, Deal Strategy & Economics
Seattle, WA · principal
Python SQL Git
Senior Software Development Engineer
San Jose, CA · senior
Python Java React
Senior Account Executive
Madrid, Spain · senior
Salesforce API Development Security
Enterprise Sales Executive - AI Security (Tokyo)
Tokyo, Japan · mid
LLMs Security Machine Learning
Solutions Engineer - Modern Apps (Singapore)
Singapore · mid
Python JavaScript Go
All F5 Networks jobs →
All security jobs security in Warsaw, Poland Jobs in Warsaw, Poland security salaries security career path
All F5 Networks Jobs Browse security roles mid positions