Infrastructure Security Engineer

Position Summary

We are seeking a skilled and detail-oriented L2 Cloudflare Engineer to join our Infrastructure and Security team. This role focuses on the daily administration, monitoring, and business-as-usual (BAU) operations of Cloudflare services. The ideal candidate will have hands-on experience with the Cloudflare platform and a strong understanding of internet security, performance optimization, and DNS management.

Key Responsibilities

Administration and BAU Operations

• Monitor and analyze Cloudflare WAF logs for threats, anomalies, or false positives.
• Respond to security events including bot attacks, DDoS mitigations, and rate-limiting triggers.
• Maintain and update SSL/TLS configurations following industry best practices.
• Review and manage bot management policies, firewall rules, rate limits, and Zero Trust configurations.
• Monitor dashboards for availability, uptime, and origin health.
• Validate traffic analytics, error rates, and identify configuration drift.

Performance and Optimization

• Monitor cache hit/miss ratios and adjust page or transform rules for efficiency.
• Investigate global CDN latency and ensure optimal performance across points of presence (PoPs).
• Maintain and analyze performance metrics and dashboards.

DNS and Routing

• Verify DNS record accuracy and monitor propagation of recent changes.
• Manage DNS zones, including the addition, modification, and removal of records.
• Troubleshoot routing issues and validate failover/load balancing configurations.

Incident and Change Management

• Act as the escalation point for Cloudflare-related issues; coordinate resolution with internal teams and vendors.
• Participate in root cause analysis (RCA) and assist with remediation of incidents.
• Execute approved changes related to DNS, firewall, and policy configurations.
• Manage access roles and ensure enforcement of multi-factor authentication (MFA).
• Audit administrative actions and ensure compliance with internal processes.

Reporting, Documentation, and Compliance

• Generate and maintain reports related to WAF status, threat detection, and incident resolution.
• Support compliance audits by supplying required logs and configuration documentation.
• Follow ITIL and internal change management protocols.
• Maintain detailed activity logs, status reports, and contribute to internal knowledge bases.

Basic Qualifications

• Bachelor's degree (BE/BTech/MCA/MSc) in Computer Science, Information Technology, or related field.
• 3–7 years of experience in network or security operations.
• Minimum 1–2 years of direct experience administering Cloudflare services.
• Proficiency in WAF, DNS, CDN, and SSL/TLS technologies.
• Understanding of internet protocols such as HTTP/S, TCP/IP, and DNS.
• Familiarity with monitoring tools like Datadog, Pingdom, Uptime Robot, etc.
• Experience following ITIL-based incident and change management processes.

Preferred Qualifications

• Cloudflare Certified Partner or other relevant vendor certifications.
• Security certifications such as CompTIA Security+, CEH, or equivalent.
• Experience with scripting (Python, Bash) and automation using Cloudflare APIs or Terraform.
• Understanding of malware detection, threat intelligence, and forensic analysis.
• Familiarity with SIEM tools and endpoint compliance policies.
• Strong communication, documentation, and team collaboration skills.
• Willingness to work in rotational shifts and handle security incidents independently.