Senior Cloud Security Engineer - Cloudflare WAF

About The Position

Requirements

• 3+ years of experience in network or cloud security with direct hands-on experience in Cloudflare.
• Proficiency in configuring and managing Cloudflare WAF , Bot Management , Rate Limiting , and Rulesets (Managed & Custom) .
• Experience with DDoS mitigation strategies and real-time incident handling.
• Familiarity with HTTP/HTTPS , DNS, TLS, and general web technologies.
• Understanding of CDN concepts and optimization strategies.
• Scripting skills (e.g., Python, Bash) for automation and monitoring tasks are a plus.
• Strong analytical and problem-solving abilities.
• Excellent written and verbal communication skills.

Nice To Haves

• Cloudflare Certified (e.g., Cloudflare Fundamentals or Advanced Security).
• Experience in DevSecOps, CI/CD pipelines, and security in cloud environments (AWS, GCP, or Azure).
• Exposure to tools like Terraform or Ansible for infrastructure as code

Responsibilities

• Configure, deploy, and maintain Cloudflare WAF rules and security policies to protect against common vulnerabilities (OWASP Top 10).
• Enable and manage Cloudflare CDN features to optimize content delivery, reduce latency, and improve user experience.
• Implement Cloudflare Bot Management to detect, block, or challenge malicious and unwanted automated traffic.
• Configure and monitor DDoS Protection using Cloudflare to mitigate volumetric, protocol, and application-layer attacks.
• Analyze traffic patterns and threats using Cloudflare analytics and logs; respond to security incidents as needed.
• Work with DevOps, development, and infrastructure teams to ensure secure deployment pipelines and integration with CI/CD tools.
• Evaluate and fine-tune security settings, rate limiting, page rules, access policies, and firewall configurations.
• Stay current with Cloudflare updates, emerging security threats, and best practices in web application security.