The DDoS Security Engineer is responsible for the design, operation, monitoring, and optimization of Distributed Denial-of-Service protection services across multiple mitigation platforms, including Radware, Arbor, Cloudflare, and Akamai. This role focuses on protecting customer-facing and internal digital services from volumetric, protocol, and application-layer attacks through continuous monitoring, incident response, tuning, and service improvement. The ideal candidate has strong experience in network security operations, traffic analysis, mitigation workflows, and customer-facing incident management within high-availability environments.

Salary: $80,000 to $100,000 per year

Key Responsibilities

- Operate and manage DDoS protection services across Radware, Arbor, Cloudflare, and Akamai platforms.
- Monitor customer environments for DDoS threats, anomalous traffic behavior, and service degradation.
- Analyze attacks across Layer 3, Layer 4, and Layer 7, including volumetric floods, protocol abuse, and application-layer attacks.
- Execute mitigation actions such as traffic diversion, scrubbing activation, ACL updates, rate-limiting, WAF tuning, and routing changes.
- Coordinate with SOC, NOC, network engineering, cloud, and customer teams during active incidents.
- Develop and maintain runbooks, playbooks, escalation procedures, and standard operating procedures for DDoS response.
- Perform onboarding of new customers, including traffic baselining, protection profile tuning, DNS/routing integration, and validation testing.
- Tune detection thresholds, mitigation policies, signatures, and protection profiles to reduce false positives and improve response speed.
- Support always-on and on-demand DDoS protection models.
- Produce incident reports, attack summaries, customer communications, and post-incident recommendations.
- Track service availability, mitigation performance, SLA compliance, and operational KPIs.
- Provide guidance on DDoS architecture, resilience design, and best practices for internet-facing services.
- Work with vendors and internal teams on platform upgrades, policy enhancements, and issue resolution.
- Contribute to continuous improvement of managed DDoS services, including automation and orchestration opportunities.

Required Qualifications

- Bachelor’s degree in Cybersecurity, Computer Science, Information Technology, Network Engineering, or equivalent experience.
- 3–7+ years of experience in network security, DDoS protection, SOC, or managed security services.
- Hands-on experience with one or more of the following: Radware, Arbor, Cloudflare, Akamai.
- Strong understanding of:
  - TCP/IP, UDP, ICMP, BGP, DNS, HTTP/HTTPS, CDN, proxy, and load-balancing concepts
  - DDoS attack methods such as SYN floods, UDP floods, DNS amplification, NTP amplification, HTTP floods, bot-driven application attacks, and SSL/TLS exhaustion
  - Traffic analysis using logs, packet captures, NetFlow/sFlow, and platform telemetry
- Experience in incident handling and operational response in high-pressure environments.
- Strong troubleshooting and analytical skills.
- Excellent written and verbal communication skills for technical and customer-facing interactions.

Preferred Qualifications

- Experience in a managed DDoS, MSSP, ISP, telco, or enterprise security operations environment.
- Familiarity with cloud and hybrid environments, including public-facing application protection.
- Experience with WAF, CDN, bot mitigation, and API protection capabilities.
- Knowledge of routing-based mitigation, GRE tunneling, BGP diversion, and scrubbing center operations.
- Experience with SIEM, SOAR, ticketing systems, and monitoring platforms.
- Scripting or automation experience in Python, PowerShell, or REST API integrations.
- Relevant certifications such as:
  - CISSP
  - CCNP Security / CCIE Security
  - GIAC certifications
  - Vendor-specific training or certifications in Radware, Cloudflare, Akamai, or Arbor

Core Competencies

- DDoS detection and mitigation
- Network traffic analysis
- Incident response and escalation management
- Security service onboarding and optimization
- Documentation and reporting
- Operational excellence under pressure
- Rapid identification and mitigation of DDoS attacks
- Accurate incident triage and escalation
- Reduced false positives and improved mitigation tuning
- Strong customer reporting and service communication
- Reliable service onboarding and policy implementation
- Continuous improvement in response time, service stability, and protection effectiveness
DDoS Security Engineer
BELL CYBER
Mississauga, Mississauga
Published 24 days ago