Cybersecurity Specialist

The Senior Cyber Security Analyst will play a key leadership role within the Perimeter Security team, focusing on network perimeter defense for public web, API, and partner platforms.

This role requires collaboration with security teams to safeguard the organization's application perimeter, leveraging tools such as Splunk, native database queries, CDN defensive systems, WAFs, and internal security tools.

1. Incident Response & Mitigation:

• Lead responses to traffic and perimeter-related security incidents, ensuring accurate identification and prioritization of edge threats.
• Leverage CDN defenses, WAFs, and internal tooling to quickly implement effective mitigations.
• Detect, analyze, and investigate incidents involving customer traffic interference, bot activity, scanners, and malicious actors.
• Utilize native database queries, Splunk, and other monitoring platforms to identify patterns and anomalies indicative of security risks.
• Manage the prioritization and escalation of incidents based on severity, working closely with Web Engineering, SRE, and infrastructure teams to drive rapid mitigation.

• Proactively monitor traffic patterns using Splunk, internal databases, and other security tools to identify and assess threats within cloud environments.
• Track and analyze threat actors, scanner activities, and IP reputation to distinguish between legitimate threats and benign anomalies.
• Investigate traffic anomalies to proactively mitigate operational impacts on the engineering team and ensure optimized security controls.
• Collaborate closely with Web Engineering and SRE teams to minimize customer impact and refine mitigation processes for greater accuracy.

• Ensure seamless integration, patching, and ongoing maintenance of security controls for cloud perimeter systems, including CDNs, WAFs, SigSci, and NGINX.
• Lead efforts to identify and address vulnerabilities related to API endpoints and cloud services.
• Maintain continuous monitoring of cloud-based perimeter security applications, ensuring resilience against emerging threats.

• Partner with security teams to embed security into new systems, endpoints, and integrations from the start.
• Lead cross-functional efforts to optimize security controls, reduce alert noise, and minimize operational impacts while ensuring strong perimeter defenses.
• Document, communicate, and prioritize security incidents, recommended actions, and resolutions clearly to both technical and non-technical stakeholders.

• Generate and present executive-level reports on traffic mitigation, including metrics such as sessions impacted by mitigation systems and availability impacts due to traffic anomalies.
• Maintain comprehensive documentation on incidents, threat patterns, system changes, and mitigation strategies to support continuous improvement.
• Regularly report on efforts to reduce false positives and improve the operational impact of mitigation technologies.

• Exceptional proficiency in the English language, both written and verbal.
• Strong analytical skills with a proven ability to quickly identify and mitigate complex threats in high-volume environments.
• Bachelor's degree in Cybersecurity, Computer Science, or a related field, or equivalent work experience.
• Minimum of 6 years of experience in cybersecurity or public application software engineering, with a focus on CDN Management, cloud technologies, and perimeter security.
• Extensive experience in incident response, cloud-native threat hunting, and mitigation in public/private/hybrid cloud environments.
• Strong hands-on experience with traffic and threat monitoring tools such as Splunk, native database queries, and cloud-native security solutions.
• Deep knowledge of CDNs, WAFs, firewalls, IDS/IPS, and API security, particularly in cloud-based architectures.
• Proficiency with web and API systems such as NGINX, Kubernetes, Apache, Web Servers, along with cloud-native edge defense platforms.