Cloudflare

SOC Analyst

full-time

Location Type: Hybrid

Location: Mexico City, Mexico

About the role

  • Monitor and investigate proactive alerts to identify attacks
  • Work with Engineering and Operations teams to mitigate attacks, suggest steps to mitigate, and apply the appropriate mitigation when applicable
  • Work with Engineering and Product teams to improve products and tools
  • Communicate with customers via chat, email, and phone
  • Review alerts to determine relevancy and urgency; create tracking tickets for incidents requiring review or escalation
  • Adhere to SOC SLAs for alert response and customer communication
  • Configure and manage security monitoring rules; contribute to tool and threshold improvements
  • DDoS mitigation for OSI Layers 3, 4, & 7: filter malicious traffic using Cloudflare tools including Magic Transit, Magic Firewall, Advanced TCP Protection, WAF, Custom Rules, IP Access Rules, and Rate Limiting
  • Maintain customer-specific SOC runbooks and escalation matrices
  • Support SOC customer onboarding and deliver monthly security reviews

Requirements

  • Strong understanding of internet protocols (TCP, UDP, ICMP, GRE, BGP)
  • Networking fundamentals are crucial for success
  • Analysis of traffic for attack anomaly detection and creation of mitigation rules
  • Experience handling attack mitigation with knowledge of L3/4 and L7 attacks
  • Command line / Bash shell proficiency
  • Customer Facing or Technical support experience is mandatory
  • Strong communication skills, including with VIP customers during active attacks
  • Ability to remain calm under pressure
  • Ability to work 24x7 rotating shifts
  • Sysadmin skills - Linux, Mac, or Windows (Preferred)
  • Knowledge of Cloudflare Security Products & Features (Preferred)
  • Scripting skills, Python preferred (Preferred)
  • Prometheus/Grafana monitoring experience (Preferred)
  • Packet capture tools such as tcpdump or Wireshark (Preferred)
  • API/GraphQL experience (Nice to have)
  • Security certifications: GCIA, GCIH, GCFA, GCFE, CISSP equivalent (Strongly preferred)
  • Network certifications: CCNA, CCNP (Nice to have)

Benefits

  • Hybrid work model
  • 24x7x365 proactive monitoring
  • Support for customer onboarding
  • Monthly security reviews

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools: DDoS mitigation, internet protocols, traffic analysis, mitigation rules, command line, Bash shell, Sysadmin skills, scripting, packet capture, API

Soft Skills: strong communication skills, customer facing, ability to remain calm under pressure, ability to work 24x7 rotating shifts

Certifications: GCIA, GCIH, GCFA, GCFE, CISSP, CCNA, CCNP