Cloudflare
Cloudforce One REACT Principal Consultant
About Us
At Cloudflare, we are on a mission to help build a better Internet. Today the company runs one of the world’s largest networks that powers millions of websites and other Internet properties for customers ranging from individual bloggers to SMBs to Fortune 500 companies. Cloudflare protects and accelerates any Internet application online without adding hardware, installing software, or changing a line of code. Internet properties powered by Cloudflare all have web traffic routed through its intelligent global network, which gets smarter with every request. As a result, they see significant improvement in performance and a decrease in spam and other attacks. Cloudflare was named to Entrepreneur Magazine’s Top Company Cultures list and ranked among the World’s Most Innovative Companies by Fast Company.
About The Team
Cloudforce One is Cloudflare’s threat operations and research team, responsible for identifying and disrupting cyber threats ranging from sophisticated cyber criminal activity to nation‑state advanced persistent threats (APTs). The team works in close partnership with external organizations and internal Cloudflare teams, continuously developing operational tradecraft and expanding ever‑growing sources of threat intelligence to enable expedited threat hunting and remediation. Members of Cloudforce One are at the helm of using a vast and varied set of data points that only one of the world’s largest global networks can provide. The team is able to efficiently analyze these unique data points at scale, and synthesize findings into actionable threat intelligence to protect our customers.
About The Role
We are seeking a talented Senior Manager, Incident Response to join us in growing our Cloudforce One organization. This position requires an innovative, self‑starting, and detail‑oriented problem solver with a passion for analyzing, tracking, and triaging the malicious software used by cyber threat actors. As a REACT Consultant, you will respond to customer security incidents in on‑premises and cloud environments, detect and disrupt cyber threat activity across customer networks and cloud environments, and engage with customers at all levels including Executive, VP, Director, and managerial levels. You will help discover and analyze cyber threat intrusions, working alongside forensic analysts, threat researchers, detection engineers, and malware analysts to detect and mitigate malicious activity. The findings you uncover will help identify Tactics, Techniques, and Procedures (TTPs) of ongoing threat activity to protect your customer and the greater Cloudflare customer base.
Our ideal candidate will have 1‑2 years of previous experience in cybersecurity with at least 1 year in Digital Forensics or Incident Response. Experience with hands‑on forensic analysis in Windows, Mac, and Linux environments, triaging malware using static or dynamic analysis, correlating threat actor activity across a customer’s environment, and excellent written and verbal communication skills is required. Experience with incident response reports and the ability to write simple scripts in Python or Golang are also essential.
Examples Of Desirable Skills, Knowledge And Experience
Bachelor’s degree in Computer Science, Information Systems, Cybersecurity, or related technical field, or equivalent training/practical experience
3+ years of previous experience in cybersecurity
2+ years of Incident Response experience
1+ years of customer‑facing role
Experience conducting or managing incident response investigations for organizations, investigating targeted threats such as the Advanced Persistent Threat, Organized Crime, and Hacktivists
Background using a variety of forensic analysis tools to determine the extent and scope of compromise
Strong knowledge of network protocols and analysis tools such as Bro/Zeek or Suricata
Ability to understand the capabilities of static and dynamic malware analysis
Strong understanding of targeted attacks and the ability to create customized tactical and strategic remediation plans for compromised organizations
Strong background in secure network architecture and network operations
Knowledge of AWS, Azure, and GCP incident response methodologies
Strong communication skills to convey executive and detailed findings to clients and internal teams
Technical knowledge of common network protocols and design patterns including TCP/IP, HTTPS, FTP, SFTP, SSH, RDP, CIFS/SMB, NFS
Familiarity with AWS, Azure, O365, Google, and Cloudflare environments
Understanding of MITRE ATT&CK and NIST Cyber Security Frameworks standards and requirements
In‑depth understanding of Windows operating systems and general knowledge of Unix, Linux, and Mac operating systems
Bonus Points
Proficient in Python or Golang, capable of writing modular code that can be installed on a remote system
Proficient with Yara and writing rules to detect similar malware samples
Understanding of source code, hex, binary, regular expression, data correlation, and analysis such as network flow and system logs
Practical malware analysis experience with static, dynamic, and automated techniques
Mid‑level experience as a Malware Analyst able to reverse engineer various file formats and analyze complex malware samples
Experience with APT malware reverse engineering and understanding of common infection vectors
Knowledge of current malware techniques to evade detection and obstruct analysis
Experience writing malware reports on unique aspects of malware
Experience with malware attribution and tracking IOCs, pivoting, and infrastructure enumeration
Familiarity with bash command line executables for static analysis and IOCs investigation
Travel Requirements
Ability to travel up to 20% of the time
Position may require foreign and domestic travel; passport will be required
What Makes Cloudflare Special?
We’re not just a highly ambitious, large‑scale technology company. Fundamental to our mission to help build a better Internet is protecting the free and open Internet.
Project Galileo: Since 2014, we’ve equipped more than 2,400 journalism and civil society organizations in 111 countries with powerful tools to defend themselves against attacks that would otherwise censor their work. The technology is already used by Cloudflare’s enterprise customers—at no cost.
Athenian Project: In 2017, we created the Athenian Project to ensure that state and local governments have the highest level of protection and reliability, so that their constituents have access to election information and voter registration. Since the project, we’ve provided services to more than 425 local government election websites in 33 states.
1.1.1.1: We released 1.1.1.1 to help fix the foundation of the Internet by building a faster, more secure and privacy‑centric public DNS resolver. It’s available publicly for everyone to use—no client IP addresses are ever stored or sold.
Sound like something you’d like to be a part of? We’d love to hear from you!
Equal Opportunity Employer Statement:
Cloudflare is proud to be an equal opportunity employer. We are committed to providing equal employment opportunity for all people and place great value in both diversity and inclusiveness. All qualified applicants will be considered for employment without regard to their race, color, religion, sex, gender, gender identity, gender expression, sexual orientation, national origin, ancestry, citizenship, age, physical or mental disability, medical condition, family care status, or any other basis protected by law. We are an AA/Veterans/Disabled Employer. Cloudflare provides reasonable accommodations to qualified individuals with disabilities. If you require a reasonable accommodation to apply for a job, please contact us at hr@cloudflare.com or 101 Townsend St., San Francisco, CA 94107.