F5 Engineer

Tyto Athene is searching for a F5 Engineer to support our DoD customer. This position supports the Boundary Control and Access Point (BCAP) infrastructure and F5 BIG-IP application delivery platforms within a secure, classified DoD or federal government environment. The engineer will be responsible for maintaining, troubleshooting, and optimizing network boundary security controls and F5 BIG-IP systems to ensure availability, integrity, and compliance with applicable cybersecurity frameworks. The ideal candidate brings deep technical expertise in network security, load balancing, traffic management, and federal cybersecurity compliance requirements.

Responsibilities:

• Monitor, maintain, and troubleshoot Boundary Control and Access Point (BCAP) infrastructure components including firewalls, routers, switches, and associated security appliances.
• Perform configuration management and change control procedures for BCAP boundary devices.
• Enforce and maintain network access control policies at the boundary to protect classified and sensitive systems.
• Coordinate with network operations center (NOC) and security operations center (SOC) teams to investigate and resolve boundary security events.
• Support BCAP architecture reviews, upgrades, and technology refresh activities.
• Ensure all BCAP components are operating within approved configurations and security baselines.
• Administer, configure, and maintain F5 BIG-IP Local Traffic Manager (LTM) and Access Policy Manager (APM) in support of secure application delivery.
• Develop and manage F5 iRules, profiles, pools, virtual servers, and persistence configurations.
• Perform health monitoring, performance tuning, and capacity planning for F5 BIG-IP environments.
• Troubleshoot application delivery issues including SSL/TLS offloading, load balancing failures, and traffic policy conflicts.
• Support F5 software upgrades, patch management, and configuration backups.
• Integrate F5 APM with identity and access management (IAM) solutions, including CAC/PKI authentication.
• Configure and support Common Access Card (CAC) and Public Key Infrastructure (PKI) authentication mechanisms on F5 APM and network boundary systems.
• Coordinate with PKI administrators to manage certificates, OCSP/CRL configurations, and certificate trust chains.
• Troubleshoot CAC authentication failures and PKI validation issues across network and application layers.
• Support Authority to Operate (ATO) processes for BCAP and F5 systems in accordance with NIST SP 800-53 and DoD RMF requirements.
• Develop and maintain System Security Plans (SSPs), POA&Ms, and supporting RMF documentation.
• Implement and validate security controls and continuous monitoring requirements for boundary and application delivery systems.
• Participate in security assessments, audits, and vulnerability remediation activities.
• Serve as a technical escalation point for network boundary and F5-related incidents.
• Analyze traffic captures, logs, and system events to diagnose and resolve complex issues.
• Support incident response activities including containment, eradication, and recovery for boundary security events.
• Maintain detailed incident records and produce after-action reports as required.
• Develop and maintain accurate network diagrams, configuration documentation, standard operating procedures (SOPs), and runbooks.
• Create and update technical documentation in accordance with organizational and federal standards.
• Provide knowledge transfer and cross-training to support team members.

Qualifications

Required:

• Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field; OR equivalent combination of education and experience.
• 5+ years of experience in network engineering, network security, or systems administration within a DoD or federal government environment.
• Demonstrated hands-on experience administering F5 BIG-IP LTM and/or APM platforms.
• Working knowledge of BCAP architecture and boundary defense concepts.
• Strong understanding of TCP/IP networking, routing protocols (BGP, OSPF), VLANs, and firewall policy management.
• Experience with CAC/PKI authentication and DoD certificate management.
• Familiarity with NIST RMF processes and DoD cybersecurity compliance standards (DISA STIGs, DoD 8500/8510).
• IAT Level II certification required (CompTIA Security+, CySA+, or equivalent) per DoD 8570/8140 compliance.

Desired:

• F5 Certified BIG-IP Administrator (F5-CA) or F5 Certified Technology Specialist (F5-CTS: LTM) certification.
• Experience with F5 BIG-IP DNS (GTM), Advanced Firewall Manager (AFM), or Application Security Manager (ASM/AWAF).
• Experience with Cisco ASA, Palo Alto, or Juniper firewall platforms in a BCAP or DMZ environment.
• Familiarity with SIEM platforms (Splunk, ArcSight, Elastic) for log analysis and security monitoring.
• Knowledge of cloud-based networking and hybrid cloud security architectures (AWS GovCloud, Azure Government).
• Experience with Ansible, Terraform, or other automation/infrastructure-as-code tools for network device management.
• CISSP, CCNP Security, or equivalent advanced certification.
• Prior experience working with Defense Information Systems Agency (DISA) or other DoD cybersecurity entities.

Clearance:

• Active DoD Secret clearance (minimum); TS/SCI preferred.

About Tyto Athene

Compensation:

• Compensation is unique to each candidate and relative to the skills and experience they bring to the position. This does not guarantee a specific salary as compensation is based upon multiple factors such as education, experience, certifications, and other requirements, and may fall outside of the above-stated range.

Benefits:

• Highlights of our benefits include Health/Dental/Vision, 401(k) match, Paid Time Off, STD/LTD/Life Insurance, Referral Bonuses, professional development reimbursement, and parental leave.

Tyto Athene is a trusted leader in IT services and solutions, delivering mission-focused digital transformation that drives measurable success. Our expertise spans four core technology domains-Network Modernization, Hybrid Cloud, Cybersecurity, and Enterprise IT-empowering our clients with cutting-edge solutions tailored to their evolving needs. With over 50 years of experience, Tyto Athene proudly support Defense, Intelligence, Space, National Security, Civilian, Health, and Public Safety clients across the United States and worldwide.

At Tyto Athene, we believe that success starts with our people. We foster a collaborative, innovative, and mission-driven environment where every team member plays a critical role in shaping the future of technology. Are you ready to join #TeamTyto?

Tyto Athene, LLC is an Equal Opportunity Employer; all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, [sexual orientation, gender identity,] national origin, disability, status as a protected veteran, or any characteristic protected by applicable law.