Principal, Cyber Governance, Risk, and Compliance Analyst (Data Governance)
Insight Engines
At F5, we strive to bring a better digital world to life. Our teams empower organizations across the globe to create, secure, and run applications that enhance how we experience our evolving digital world. We are passionate about cybersecurity, from protecting consumers from fraud to enabling companies to focus on innovation.
Everything we do centers around people. That means we obsess over how to make the lives of our customers, and their customers, better. And it means we prioritize a diverse F5 community where each individual can thrive.
Job Requisition: Principal Cybersecurity GRC Analyst - Data Governance
Position Overview
The Principal Cybersecurity GRC Analyst will serve as a subject matter expert in operationalizing Data Security Posture Management (DSPM) and driving enterprise governance, risk management, and compliance initiatives. This role demands a leader who can partner across legal, IT, security, and leadership teams to maintain a robust cybersecurity posture while enabling compliance readiness for global regulatory frameworks. The incumbent will play a critical role in enhancing organizational risk visibility through metrics and reporting while ensuring continuous improvement of controls, processes, and compliance functions.
Key Responsibilities
1. Manage the operationalization of DSPM platforms to discover, classify, and monitor sensitive data across diverse environments including cloud, SaaS, and enterprise storage.
2. Partner with incident response teams to define and operationalize security alert response procedures, drive data access audits, and support data retention remediation.
3. Develop actionable risk metrics and reporting structures, providing executive-ready cybersecurity insights to inform data-driven decision-making.
4. Collaborate across departments such as legal, IT engineering, network infrastructure, security operations, and executive leadership to maintain an enterprise-aligned cybersecurity posture and implement tool-based security policies and scanning rules.
5. Evaluate evolving regulatory trends and drive proactive compliance readiness for requirements like GDPR, PCI DSS, HIPAA, SOC 2, and FedRAMP.
6. Support efficient execution of control alignment, internal/external assessments, remediation actions, and risk mitigation in collaboration with GRC teams.
7. Enhance vulnerability management efforts, including testing, penetration coordination, and environment hardening.
Key Attributes and Skills
· Highly skilled in operationalizing DSPM workflows and aligning information security objectives with corporate strategies.
· Expertise in tools and platforms used in data security governance, including Cyera, NIST frameworks, and related platforms/tools.
· Recognized as an internal expert who helps teams organize work effectively while serving as a valuable resource for compliance and risk teams.
· Strong conceptual and critical thinking skills to anticipate and resolve complex cybersecurity challenges.
· Proven ability to conduct business impact assessments, facilitate continuity planning, and validate testing plans to ensure continuity and risk reduction.
· Exceptional communication skills capable of presenting complex concepts to stakeholders at all levels, persuading others to adopt adapted strategies, and addressing potential objections.
Qualifications
· Bachelor's degree in cybersecurity, computer science, or related discipline (advanced degree preferred).
· Proficiency in tools/platforms like Cyera, Microsoft Purview, or equivalent, and expertise in AWS, Azure, or other cloud environments.
· At least 10-15 years of experience in cybersecurity, data governance, or related GRC roles, with a proven record of operationalizing DSPM initiatives.
· Certifications such as CISSP, PMP, CISM, or equivalent, with proven expertise in project management and risk framework application.
· Advanced knowledge of regulatory compliance standards (ISO 27001, GDPR, HIPAA, PCI DSS, SOC 2, etc.).
Preferred Experience
· Direct experience supporting highly regulated environments, driving initiatives related to sensitive data protection and regulatory compliance.
· The ideal candidate will lead efforts to execute business-aligned cybersecurity strategies and operationalize robust DSPM workflows to safeguard sensitive data assets. They will drive collaboration for compliance excellence and risk management across enterprise platforms and cloud-based infrastructures.
Physical Demands and Work Environment:
· Duties are performed in a normal office environment while sitting at a desk or computer table, with the ability to work remotely.
· Duties require the ability to utilize a computer, communicate over the telephone, and read printed material.
· Duties may require being on call periodically and working outside normal working hours (evenings and weekends).
· Duties may require the ability to travel via automobile or airplane, with approximately 5% of the time spent traveling.
In addition, we will need you to meet F5, customer, and/or government security screening requirements for this role. The background investigation may review an applicant’s actions, relationships, and experiences going back 10 years.
The Job Description is intended to be a general representation of the responsibilities and requirements of the job. However, the description may not be all-inclusive, and responsibilities and requirements are subject to change.
The annual base pay for this position is: $167,200.00 - $250,800.00
F5 maintains broad salary ranges for its roles in order to account for variations in knowledge, skills, experience, geographic locations, and market conditions, as well as to reflect F5’s differing products, industries, and lines of business. The pay range referenced is as of the time of the job posting and is subject to change.
You may also be offered incentive compensation, bonus, restricted stock units, and benefits. More details about F5’s benefits can be found at the following link: https://www.f5.com/company/careers/benefits. F5 reserves the right to change or terminate any benefit plan without notice.
Please note that F5 only contacts candidates through an F5 email address (ending with @f5.com) or an auto email notification from Workday (ending with f5.com or @myworkday.com).
Equal Employment Opportunity
It is the policy of F5 to provide equal employment opportunities to all employees and employment applicants without regard to unlawful considerations of race, religion, color, national origin, sex, sexual orientation, gender identity or expression, age, sensory, physical, or mental disability, marital status, veteran or military status, genetic information, or any other classification protected by applicable local, state, or federal laws. This policy applies to all aspects of employment, including, but not limited to, hiring, job assignment, compensation, promotion, benefits, training, discipline, and termination. F5 offers a variety of reasonable accommodations for candidates. Requesting an accommodation is completely voluntary. F5 will assess the need for accommodations in the application process separately from those that may be needed to perform the job. Request by contacting accommodations@f5.com.