Security Operations Engineer, CloudFlare

Brown & Brown is seeking a Security Operations Engineer CloudFlare to join our growing team! 

The Security Operations Engineer - CloudFlare will contribute to the enhancement of Brown & Brown technologies and processes related to endpoint security, threat intelligence, security monitoring, automation, web applications, SIEM, and SOC operations. A key focus of this position is the configuration, optimization, and maintenance of web application filtering technologies—specifically Cloudflare WAF (Web Application Firewall)—to improve the organization’s ability to prevent, detect, contain, and respond to threats. 

How You Will Contribute:  

• Develop and maintain detection rules across cloud-native and enterprise security platforms, including EDR, IDS/IPS, DLP, WAF, and XDR/SIEM platforms 

• Automate detection and response workflows across security tools to improve speed, consistency, and scalability 

• Monitor and analyze security events to detect suspicious activity across endpoints, networks, and users 

• Lead incident response efforts, particularly for web application threats, ensuring timely containment and remediation 

• Design, deploy, and manage WAF policies, including custom and managed rulesets 

• Investigate WAF alerts and logs to identify and respond to web-based threats 

• Continuously optimize WAF configurations to enhance protection and reduce false positives 

• Collaborate with AppSec, DevOps, and Network Security teams to ensure secure and performant application delivery 

• Configure, test, and optimize security tools to support prevention, detection, and response capabilities 

• Design and implement security controls across SaaS, IaaS, and PaaS environments 

• Conduct continuous testing and risk assessments to validate and improve security posture 

• Maintain accurate and up-to-date security documentation, including configurations and change management records 

• Support audits, compliance initiatives, and risk assessments 

• Stay informed on emerging threats and integrate relevant threat intelligence into security operations 

Licenses and Certifications:  

• At least one active security certification preferred: GCIH, GCIA, CISSP, CEH or related 

Skills & Experience to Be Successful: 
 

• B.S. in Information Security, Computer Science, Computer Engineering or similar technical program or equivalent experience 

• 3-5+ years in a hands-on technical role in information security supporting a large organization 

• Hands-on experience managing Cloudflare WAF or similar web application firewalls 

• Hands-on experience working with Google Chronicle\SecOps. 

• Experience with security tools including EDR, IDS/IPS, DLP, and SIEM/XDR 

• Working knowledge of a wide range of current security technologies such as firewalls, proxies, network and host-based intrusion prevention, DLP, vulnerability assessment tools, network protocols, architecture, etc. 

• Strong understanding of cloud platforms such as AWS, Azure, or GCP 

• Familiarity with scripting or automation tools (e.g., Python, PowerShell, Power BI, Terraform) 

• Experience with securing Microsoft Entra ID/Hybrid environments preferred 

• Desire to learn new technologies, share best practices, and contribute to the broader shared knowledge of a global infrastructure and security team  

• Ability to self-organize, prioritize activities independently, create documentation and reporting