Security Operations Center Engineer

Cloudflare

full-time

Posted on: 9/10/2025

Origin: • 🇺🇸 United States

✨ AI Apply

JuniorMid-Level

DNSJavaJavaScriptLinuxPerlPHPPythonRubyWordPress

About the role

Provide premium-level support for Cloudflare’s security products and features
Analyze threats, investigate alerts and identify attacks across OSI Layers 3, 4, and 7
Implement and suggest mitigation strategies and may apply mitigations on behalf of customers
Provide attack reporting beyond Cloudflare’s self-service reports
Monitor and investigate alerts; review alerts for relevancy and urgency; create tracking tickets and escalate incidents
Work with Engineering, Operations, and Product teams to mitigate attacks and improve products/tools
Configure and manage security monitoring rules and contribute to tool improvements
Compare traffic signatures and attributes (IP addresses, cookies, headers, JS footprints) to distinguish good vs malicious traffic
Extensive communications with customers via chat, email, and phone
Participate in weekend and holiday rotation; main working hours 9 to 5 Pacific time

Strong understanding of the OSI model, TCP, UDP, BGP, QUIC
Advanced understanding of iptables
Analysis of traffic for attack anomaly detection and creation of mitigation rules
Experience in handling attack mitigation and thorough knowledge of various attacks (L3/4 and L7)
At least 2 years of technical support experience and customer support experience is a must
Strong communication skills with high-value customers
Command line / Bash shell
Sysadmin skills (Linux/Mac/Windows) & Programming skills (Python, Ruby, PHP, C, C#, Java, Perl, Git etc.)
Security skills and certifications preferred: CISSP, GCIA GCIH, GCFA, GCFE, etc.
Comfortable working Tuesday - Saturday or Sunday - Thursday 5-day schedule; weekend and holiday rotation required; main working hours 9 to 5 Pacific time
May require authorization under U.S. export control laws without sponsorship