SOC Engineer I - (DDoS)

Come work at a place where innovation and teamwork come together to support the most exciting missions in the world!

Our Security as a Service (SaaS) Security Operations Center (SOC) is the epicenter of dynamic security events; clients under siege daily, with new attacks and attack vectors evolving continuously. 

You will partner collaboratively with seasoned engineers to keep our customers safe and stop attackers cold, around the clock. As part of our Global SOC team, you will be responsible for managing cloud-based security systems on behalf of our clients, providing real time protection, detection, mitigation, and resolution of security events.  The SOC DDoS (Distributed Denial of Service) Engineer is a master of DDoS and, a skilled security defender. 

When not unravelling security issues, you may spend time mentoring and training colleagues, troubleshooting processes, and spreading security knowledge throughout the business or investigating new attacks and defenses.

A contender for this role possesses a passion for information security, enjoys solving problems and sharing knowledge with others, excels under pressure, and is continuously looking for opportunities for personal and team improvement. 

This role may be required to work outside of core business hours including early morning, late evening, overnight, weekends, and holidays.

Attractions of the Job

The Security Operations Center is a critical component of the Security & Distributed Cloud Portfolio. Our expert Security Engineers defend a wide spectrum of companies from online fraud, DDoS (Distributed Denial of Service), Application layer, and other security threats.

You will work side-by-side with some of the finest Security Engineers in the world, leveraging the best security products available, defending against attacks in real-time, analyzing industry trends, and innovating new protections against a variety of evolving threats and vulnerabilities.

What will you do?

• Take proactive and reactive steps to mitigate Application Layer security attacks or threats against our customers
• Interact directly with customers who are under attack via phone, chat, email and/or ticketing systems
• Provide proactive and real-time guidance to customers on security protocols and defensive security response
• Document actions taken in incident management systems, knowledge base, or ticketing systems as required
• Establish yourself as a trusted security advisor internally and externally
• Assist clients with onboarding and provisioning
• Engage and support cross-functional teams
• Appropriately manage time and customer issues based on issue severity and business needs
• Collaborate with Product Management and Development on requirements and product release activities
• Identify, define, and implement process and procedure improvements
• Ensures documented processes and procedures are relevant and up to date

Minimum Qualifications

• 0-2 years’ experience administering Web Application Firewalls
• Must be able to communicate technical and operational details fluently in English (written and oral)
• Skilled understanding and experience with HTTP and web application security (school project experience counts)
• Familiarity with SQL injection, cross-site scripting, web scraping, CSRF, brute force, cookie manipulation, parameter tampering, and other emerging Layer 4-7 attacks/vulnerabilities to define, configure, and manage security policies encouraging RFC compliance
• Excellent customer service skills
• Troubleshooting and problem-solving ability including analytical thinking and a strong attention to detail

Preferred Qualifications

• Interest in Cyber security and/or Network security, and/or prior NOC or SOC experience.
• B.S/A.S, in Information System Security or related degree/experience
• Background in Security Incident Response
• Fluency in additional languages
• Familiarity with a programming or scripting language.
• Understanding in common enterprise network technologies
• Fundamental Linux skills
• Familiarity with F5 hardware and software (Big-IP, TMOS, iRules, iApps, iControl, etc.)
• Web Server Administrator/Developer Experience
• Have experience in analysis using tools such as Fiddler, HttpWatch, Burp Suite, socat, and netcat.

Skills & abilities you'll be improving:

• Ability to excel in a dynamic, challenging, security-oriented operations environment
• Undaunted by, and quickly capable of, coming up to speed on new and developing technologies
• Relay technical information to customers with different levels of technical competence
• Experience supporting corporate customers in production environments, working with relevant technologies
• Experience working with Customer Support and Service Management portals, including provisioning, reporting, and configuration
• Ability to perform log file analysis
• Comfortable working with moderate supervision
• Ability to develop creative, efficient solutions to complex problems
• Expert technical knowledge of, and experience, troubleshooting TCP/IP networks
• Detailed protocol analysis using tools such as tcpdump, tshark, and Wireshark
• Packet manipulation and crafting using tools such as hping, scapy, and iptables
• Traffic generation and replay using tools such as apachebench and tcpreplay
• Possess a strong drive to continually learn, always asking “Why?”
• Work well in a customer-event driven environment with little day-to-day oversight

Work Environment

• Duties will be performed in an Operations Center environment (Guadalajara)
• Duties require the ability to utilize a computer, communicate over the telephone and read digital material
• Working in an environment where work hours are scheduled shifts in a full-time position
• This role may be required to work outside of core business hours including early morning, late evening, overnight, weekends, and holidays
• May be required to travel (5%), including possible international travel

#LI-KT1

#LI-Remote1