Threat Response Analyst

At Cloudflare, we are on a mission to help build a better Internet. Today the company runs one of the world’s largest networks that powers millions of websites and other Internet properties for customers ranging from individual bloggers to SMBs to Fortune 500 companies. Cloudflare protects and accelerates any Internet application online without adding hardware, installing software, or changing a line of code.

We realize people do not fit into neat boxes. We are looking for curious and empathetic individuals who are committed to developing themselves and learning new skills, and we are ready to help you do that. We cannot complete our mission without building a diverse and inclusive team. We hire the best people based on an evaluation of their potential and support them throughout their time at Cloudflare.

Available Locations: London, UK

About the Department

Cloudforce One is Cloudflare’s threat operations and research team, responsible for identifying and disrupting cyber threats ranging from sophisticated cyber criminal activity to nation-state sponsored advanced persistent threats (APTs). Cloudforce One works in close partnership with external organizations and internal Cloudflare teams, continuously developing operational tradecraft and expanding ever-growing sources of threat intelligence to enable expedited threat hunting and remediation.

About the Role

Cloudflare is a system spanning the globe, on a mission to make the internet better, safer, and more powerful everyday. To help fulfill this mission, we are seeking a talented Threat Response Analyst, to identify, track, and defeat sophisticated email-borne cyber threats. In this position, your experience, thinking, and action will be the key to our success.

Responsibilities:

• Identify Tactics, Techniques, and Procedures (TTPs) of ongoing Cyber Attacks in the real world.
• Collaborate with our team to develop new ways to present and interact with our insights.
• Stop the adversary.
• Show the world how the adversary works.

Requirements:

• Undergraduate with a US College Degree Program in one of the following majors or equivalent: Computer Science, Information Technology, Information Security, or Computer Security or Information Systems.
• At least 2 years experience in tracking and analyzing cyber campaigns utilizing technical indicators such as Domains, IP Addresses, Emails (Subjects, From, To, etc)
• Experience analyzing, tracking and defending against phishing and BEC attacks
• Working knowledge of email authentication protocols, and experience in email header analysis
• You have the ability to synthesize technical information and document it in a non-technical manner including through graphical and verbal depictions
• You have excellent English skills, both verbal and written
• You are capable and comfortable communicating actionable threat intelligence to both technical and executive-level stakeholders
• Desire to learn and improve
• Willing and eager to share knowledge, mentor and collaborate with a team

Bonus Points:

• Experience in a Team Lead Role
• Experience tracking and analyzing cyber campaigns utilizing technical Indicators of Compromise (IOCs)
• Experience with malicious file formats such as Microsoft Office Documents, Adobe PDFs
• Familiarity with regular expressions and their practical application in tracking malicious activity
• Working knowledge of SQL and devising SQL queries
• Experience with Yara
• Experience with DNS, IPv4, IPv6, HTTP/HTTPS, SMTP/SMTPS

What Makes Cloudflare Special?

We’re not just a highly ambitious, large-scale technology company. We’re a highly ambitious, large-scale technology company with a soul. Fundamental to our mission to help build a better Internet is protecting the free and open Internet.

Cloudflare provides reasonable accommodations to qualified individuals with disabilities. Please tell us if you require a reasonable accommodation to apply for a job.

Cloudflare is proud to be an equal opportunity employer. We are committed to providing equal employment opportunity for all people and place great value in both diversity and inclusiveness. All qualified applicants will be considered for employment without regard to their, or any other person's, perceived or actual race, color, religion, sex, gender, gender identity, gender expression, sexual orientation, national origin, ancestry, citizenship, age, physical or mental disability, medical condition, family care status, or any other basis protected by law.