CSOC Engineer

Fastly helps people stay better connected with the things they love. Fastly’s edge cloud platform enables customers to create great digital experiences quickly, securely, and reliably by processing, serving, and securing our customers’ applications as close to their end-users as possible - at the edge of the Internet. The platform is designed to take advantage of the modern internet, to be programmable, and to support agile software development. Fastly’s customers include many of the world’s most prominent companies, including Vimeo, Pinterest, The New York Times, and GitHub. We’re building a more trustworthy Internet. Come join us.

Leveraging our growing security product suite, CSOC Engineers contribute real world security insights to Fastly and our customers as we address Internet-scale threats. CSOC Engineers function as the primary escalation point for SOC Analysts in a globally distributed team. A core responsibility and key performance metric for this role is the effective training and mentoring of our SOC analysts, reducing escalations to the Senior CSOC-engineering level so you can focus on process improvements, data analysis, and security tooling to continue advancing our products, services, and capabilities. The CSOC team works with our internal platform security and security research, engineering and development teams as well as operations and customer organisations internally to deliver support solutions for security threats faced on the Internet today.

What You’ll Do:

• You will be responsible for escalations around monitoring and analysing customer activity, like identifying account-takeover, bot attacks and other malicious web traffic. The focus will be around attacks at the application layer.
• In addition, as part of CSOC engineering, you will be involved in designing, building and supporting tooling for our analysts.
• You will have the opportunity to work on some of the world’s most scalable distributed systems, as well as working with the world-class engineers who developed these systems.
• Requirements gathering and development of Security Monitoring Systems and troubleshooting tools.
• Be an expert in ensuring security for customers, providing an outstanding response to security issues.
• Provide deep application-security experience on escalated cases from customers and automated systems.
• Carry out continuous-improvement work and research to drive our customer security products and operations to be the best they can be.
• Contribute to the processes and policies that scale our organisation as we grow.
• Create, test, and deploy security content (e.g. WAF rules) in response to CVEs and other emerging threats.
• Provide guidance, mentoring, and training for new Security and Customer Support Engineers.
• Create and review reporting for customers on security services.
• Provide expert-level support for Terraform deployments and configurations.
• Troubleshoot and resolve issues related to Kubernetes deployments and management.
• Offer technical assistance and guidance on SSO configurations and integrations.
• Provide support for next-generation web application firewalls, including troubleshooting and performance optimization.
• Actively participate in sprint planning, deliver committed tasks on time with quality code, collaborate with team members, communicate blockers, and contribute to continuous improvement.
• Manage CSOC tool-related escalations and troubleshooting.

What We’re Looking For:

• Strong infosec background with strong knowledge and practical skills in application security.
• Strong knowledge of core internet technologies like DNS, HTTP and TLS and how to debug with common tools.
• Some software development skills/experience in any of the following, or other common web languages: Python, Go, Rust, JS.
• Experience in security operations or technical support.
• Detection engineering experience – developing content for security products and services (e.g. WAF rules).
• Application server technologies and frameworks experience.
• Ability to work with limited supervision but be a good mentor on security knowledge to the greater team.
• Fluent spoken and written English required, tailoring depth to fit varying audiences.
• Focused on delivering exceptional customer experiences.

Ideally, you’ll also have experience in some of these:

• Analysis with log visualisation tools (Grafana, Prometheus, Looker, Splunk, Elastic/ELK, or others).
• Experience working in a SOC or Incident Response Team.
• Apache, NGINX, IIS or other web server platforms.
• Cloud ecosystem knowledge and experience (AWS, GCP or similar).
• Unix/Linux or Windows system administration.
• Systems configuration management and/or orchestration tools.

Work Hours: Monday to Friday each week around core hours 9am to 6pm.

Work Location(s) & Travel Requirements: This position is open to the following preferred office locations: London, UK (only) – 2 days per week. Fastly currently embraces a largely hybrid model for most roles, which allows employees flexibility to split their time between the office and home. This position will require occasional travel as required by your role or requested by your manager.

Salary: The estimated salary range for this position is £78,000 to £95,000. Starting salary may vary based on permissible, non-discriminatory factors such as experience, skills, qualifications, and location. This role may be eligible to participate in Fastly’s equity and discretionary bonus programs.

Benefits: We care about you. Fastly works hard to create a positive environment for our employees, and we think your life outside of work is important too. We support our teams with great benefits that start on the first day of your employment with Fastly. Curious about our offerings? We offer a comprehensive benefits package designed to meet your needs. Our offerings may vary depending on the country where you work and are subject to change.

Why Fastly? We have a huge impact. Fastly is a small company with a big reach. Not only do our customers have a tremendous user base, but we also support a growing number of open source projects and initiatives. Outside of code, employees are encouraged to share causes close to their heart with others so we can help lend a supportive hand. We love distributed teams. Fastly’s home-base is in San Francisco, but we have multiple offices and employees sprinkled around the globe. As a new hire, you will be able to attend our IN-PERSON new hire orientation in our San Francisco office! It is an exciting week-long experience that we offer to new employees to build connections with colleagues across Fastly, participate in hands-on learning opportunities, and immerse yourself in our culture firsthand.

We value diversity. Growing and maintaining our inclusive and diverse team matters to us. We are committed to being a company where our employees feel comfortable bringing their authentic selves to work and have the ability to be successful – every day. We are passionate. Fastly is chock full of passionate people and we’re not ‘one size fits all’. Fastly employs authors, pilots, skiers, parents (of humans and animals), makeup geeks, coffee connoisseurs, and more. We love employees for who they are and what they are passionate about. We’re always looking for humble, sharp, and creative folks to join the Fastly team. If you think you might be a fit please apply!

A fully completed application and resume or CV are required when applying. Fastly is committed to ensuring equal employment opportunity and to providing employees with a safe and welcoming work environment free of discrimination and harassment. Our employment decisions are based on business needs, job requirements and individual qualifications. All qualified applicants will receive consideration for employment without regard to age, ancestry, color, family or medical care leave, gender identity or expression, genetic information, marital status, medical condition, national origin, family or parental status, physical or mental disability, political affiliation, protected veteran status, race, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable laws, regulations and ordinances. Consistent with the Americans with Disabilities Act (ADA) and federal or state disability laws, Fastly will provide reasonable accommodations for applicants and employees with disabilities. If reasonable accommodation is needed to participate in the job application or interview process, to perform essential job functions, and/or to receive other benefits and privileges of employment, please contact your Recruiter, or the Fastly Employee Relations team.

How to Apply Interested in this position? Please submit your resume and cover letter through the application portal.