Firewall Security Engineer

Cloudflare, London, United Kingdom

Help us build a better Internet

About Us

At Cloudflare, we have our eyes set on an ambitious goal: to help build a better Internet. Today, Cloudflare runs one of the world’s largest distributed networks that powers more than 1.5 trillion pageviews each month across 5 million Internet properties. More than 10 percent of all global Internet requests flow through Cloudflare’s network. Cloudflare protects and accelerates any Internet application online without adding hardware, installing software, or changing a line of code.

Our customers range from Fortune 500 companies and nonprofits to small businesses and budding entrepreneurs. Every day, about 12,000 new customers sign up. We’re working to create a faster, more secure, and more reliable experience for anyone online and given the scale at which we operate, our mission is big. Our team is hard at work shaping the future of the Internet by solving some of its toughest challenges. Come join us.

About the Role

We are looking for engineers with a background as a Security Analyst or a security related engineering role to help us in our mission to build a better internet. As part engineer and part analyst, you will work in our Edge team protecting our, and our customer’s, infrastructure and applications.

About the Department

The Edge team provides the software that powers the edge of our network at over 100 PoPs (Points of Presence) based on Nginx and with C and Lua stack. Our WAF is a part of that system and provides mitigation (blocks, and challenges) of requests to protect applications from attacks and vulnerabilities.


  • Monitoring and analysing logs and other data to detect and define attacks
  • Consuming external knowledge from mailing lists, IRC, Slack, and CVEs about attacks and vulnerabilities
  • Creating, testing and debugging firewall rules and other mitigations
  • Working on tooling around our firewall product
  • Communicating via internal and public channels about what we do, why, and how we do it
  • Working with our SEs to interpret and implement customer specific firewall rules
  • Handle escalations from SREs or from security incidents, which may include out of hour support in rare cases
  • Triage incoming requests and provide updates for the requests undertaken


  • Knowledge of web application security issues
  • Knowledge of core protocols for the web (TCP/IP, HTTP, HTTP/2, TLS)
  • Some knowledge of common web applications (Wordpress, Magento, etc)
  • Knowledge of regular expressions and differences between PCRE and RE2
  • Experience debugging and testing your code, including avoiding false positives and running tests over sampled data
  • Talent for discovering anomalies in data
  • Ability to investigate and report the impact of security problems
  • Ability to communicate complex security issues and ideas to all stakeholders


About Cloudflare

About us Cloudflare is the simplest way to make websites faster, safer and smarter. Millions of websites have signed up for our service, including large enterprises, major consumer destinations, and government agencies. With offices in San Francisco and London, Cloudflare operates a highly-available global network that has security measures built into every layer and regularly clocks in lightning-fast speeds. We're on a mission to build a better web - and we need smart, talented people to join our team. Our team works on the forefront of leading technologies including nginx, Go and Lua programming languages. We're a strong supporter of the open source community and regularly share our technology learnings at https://blog.cloudflare.com.

Want to learn more about Cloudflare? Visit Cloudflare's website.