The DDoS Security Engineer is responsible for the design, operation, monitoring, and optimization of Distributed Denial-of-Service protection services across multiple mitigation platforms, includingRadware, Arbor, Cloudflare, and Akamai . This role focuses on protecting customer-facing and internal digital services from volumetric, protocol, and application-layer attacks through continuous monitoring, incident response, tuning, and service improvement.The ideal candidate has strong experience in network security operations, traffic analysis, mitigation workflows, and customer-facing incident management within high-availability environments.Salary $80,000 to $100,000 per yearKey ResponsibilitiesOperate and manage DDoS protection services across Radware, Arbor, Cloudflare, and Akamai platforms.Monitor customer environments for DDoS threats, anomalous traffic behavior, and service degradation.Analyze attacks acrossLayer 3, Layer 4, and Layer 7 , including volumetric floods, protocol abuse, and application-layer attacks.Execute mitigation actions such as traffic diversion, scrubbing activation, ACL updates, rate-limiting, WAF tuning, and routing changes.Coordinate with SOC, NOC, network engineering, cloud, and customer teams during active incidents.Develop and maintain runbooks, playbooks, escalation procedures, and standard operating procedures for DDoS response.Perform onboarding of new customers, including traffic baselining, protection profile tuning, DNS/routing integration, and validation testing.Tune detection thresholds, mitigation policies, signatures, and protection profiles to reduce false positives and improve response speed.Support always-on and on-demand DDoS protection models.Produce incident reports, attack summaries, customer communications, and post-incident recommendations.Track service availability, mitigation performance, SLA compliance, and operational KPIs.Provide guidance on DDoS architecture, resilience design, and best practices for internet-facing services.Work with vendors and internal teams on platform upgrades, policy enhancements, and issue resolution.Contribute to continuous improvement of managed DDoS services, including automation and orchestration opportunities.Required QualificationsBachelor’s degree in Cybersecurity, Computer Science, Information Technology, Network Engineering, or equivalent experience.3–7+ years of experience in network security, DDoS protection, SOC, or managed security services.Hands‑on experience with one or more of the following:Radware, Arbor, Cloudflare, Akamai .Strong understanding of:TCP/IP, UDP, ICMP, BGP, DNS, HTTP/HTTPS, CDN, proxy, and load‑balancing conceptsDDoS attack methods such as SYN floods, UDP floods, DNS amplification, NTP amplification, HTTP floods, bot‑driven application attacks, and SSL/TLS exhaustionTraffic analysis using logs, packet captures, NetFlow/sFlow, and platform telemetryExperience in incident handling and operational response in high-pressure environments.Strong troubleshooting and analytical skills.Excellent written and verbal communication skills for technical and customer-facing interactions.Preferred QualificationsExperience in a managed DDoS, MSSP, ISP, telco, or enterprise security operations environment.Familiarity with cloud and hybrid environments, including public-facing application protection.Experience with WAF, CDN, bot mitigation, and API protection capabilities.Knowledge of routing-based mitigation, GRE tunneling, BGP diversion, and scrubbing center operations.Experience with SIEM, SOAR, ticketing systems, and monitoring platforms.Scripting or automation experience in Python, PowerShell, or REST API integrations.Relevant certifications such as:CISSPCCNP Security / CCIE SecurityGIAC certificationsVendor-specific training or certifications in Radware, Cloudflare, Akamai, or ArborCore CompetenciesDDoS detection and mitigationNetwork traffic analysisIncident response and escalation managementSecurity service onboarding and optimizationDocumentation and reportingOperational excellence under pressureRapid identification and mitigation of DDoS attacksAccurate incident triage and escalationReduced false positives and improved mitigation tuningStrong customer reporting and service communicationReliable service onboarding and policy implementationContinuous improvement in response time, service stability, and protection effectiveness#J-18808-Ljbffr