- Develop and implement executive-level traffic report briefings using automation, AI, and machine learning tooling to ensure actionability and strategic insight.
- Operate, maintain, and optimize the perimeter defense stack across edge and origin layers (Akamai, Cloudflare, Blink Ops, Imperva, Fastly, Impart, AWS WAF, etc.).
- Monitor, analyze, and respond to security events in partnership with our Perimeter Security analysts and threat detection teams.
- Lead incident response and mitigation efforts for perimeter-layer attacks (e.g., scraping, credential stuffing, carding, and API abuse).
- Perform ongoing signature tuning, rule deployment, and traffic analysis to improve signal-to-noise ratios across WAF/CDN layers.
- Design and implement automation workflows in our SOAR platform (e.g., Tines, Torq, N8N) to streamline operations and enhance incident response.
- Manage DNS, networking, and delivery routing systems including global traffic managers, failover policies, and load-balancing configurations across multiple data centers.
- Develop automation and tooling to support alerting, ticket creation, and configuration validation using Splunk, Tines, and Jira.
- Collaborate with traffic engineering, observability, and infrastructure teams to ensure scalable, fault-tolerant configurations across multi-CDN environments.
- Participate in a global on-call rotation for perimeter-related incidents and operational escalations.
- Contribute to continuous improvement of runbooks, dashboards, and operational standards for the PSOC.
- Ability to craft clear, concise, and actionable reports while communicating complex technical details to executive, business, and engineering stakeholders.
- 5+ years of experience in security analysis, engineering, SOC operations, or CDN/WAF management.
- Deep understanding of HTTP/S, DNS, and TLS fundamentals.
- Hands-on experience with Akamai CDN and WAF, Cloudflare, and other origin-based Web Application Firewalls.
- Strong knowledge of edge-layer security policies, rate limiting, caching behavior, and bot mitigation strategies.
- Familiarity with Splunk or similar SIEM tools for analytics and detection.
- Scripting or automation experience (Python, Bash, or similar) for operational efficiency.
- Excellent communication skills and ability to collaborate across globally distributed teams.
- Must be able to work standard hours aligned with U.S. Eastern Time.
- Experience supporting large-scale, high-traffic applications or e-commerce platforms.
- Experience in incident response and root cause analysis related to network or application security.
- Familiarity with automation platforms such as Tines, Torq, or other SOAR workflows.
- Golang system engineering experience, including building or integrating automation and telemetry services.
- Experience with Kubernetes and AWS cloud environments (networking, IAM, and security services).
- Working knowledge of CI/CD pipelines and infrastructure-as-code for security configuration management.
