Remote Security Operations Center Analyst

Summary

Join Cloudflare's mission to help build a better Internet as a Security Operations Center Analyst. This role requires full-time work over weekends with a 'Wed-Sun' or 'Sat-Wed' 5-day working week schedule. The ideal candidate will have strong technical skills, excellent communication skills, and experience in handling attack mitigation.

Requirements

• Strong understanding of the OSI model, TCP, UDP, BGP, QUIC
• Advanced understanding of iptables
• Analysis of traffic for attack anomaly detection and creation of mitigation rules
• Experience in handling attack mitigation and thorough knowledge of various attacks (L3/4 and L7)
• At least 2 years of technical support experience and customer support experience is a must
• Strong communication skills with high-value customers
• Command line / Bash shell
• Sysadmin skills (Linux/Mac/Windows) & Programming skills (Python, Ruby, PHP, C, C#, Java, Perl, Git etc.)

Responsibilities

• Monitor and investigate the alerts to identify attacks
• Work with Engineering and Operations teams to mitigate attacks, suggest steps to mitigate, and apply the appropriate mitigation, when applicable
• Work with Engineering and Product teams to improve the products and tools
• Extensive communications with customers via chat, email, and phone
• Review the latest alerts to determine relevancy and urgency. Create new tracking tickets for alerts that signal an incident and require review or escalation
• Configure / Manage security monitoring rules and contribute to tool improvements
• Compare traffic signatures and attributes including IP addresses, cookie variations, HTTP headers, and JavaScript footprints to determine what is good traffic and what is malicious
• Participation in a weekend and holiday rotation required with main working hours 9 to 5 Pacific time

Benefits

• Health insurance
• Retirement benefits
• Paid time off