SOC Analyst - Tier 2 - Cloudflare Services Focus

Brixio is looking for a mid-level Tier 2 SOC Analyst to join our Managed Services & Support team, with a strong focus on Cloudflare Zero Trust, WAF, and DNS-related threat detection. 

This is a critical hire for our cybersecurity services operations and client 24/7 support initiatives. The analyst will act as an escalation point, provide in-depth analysis of alerts, and help us strengthen our detection, playbooks, and service quality in the Cloudflare ecosystem. 

Key Responsibilities: 

• Investigate and respond to security alerts and incidents, with emphasis on Cloudflare logs and policy events (Access, Gateway, WAF) 
• Correlate data from multiple sources (Cloudflare, SIEM, DNS, endpoint) 
• Act as Tier 2 escalation from the 24/7 support team 
• Work with Zero Trust policies and detect bypass/misconfig attempts 
• Assist in building detection rules and playbooks 
• Document incidents, enrich with context, and prepare post-incident reports 
• Coordinate with the delivery and engineering teams on improvements 
• Occasionally interact with clients (with support from Brixio PMs) 

Must-Have Skills: 

• 3–5 years in a SOC environment (Tier 1/Tier 2) 
• Exposure to Cloudflare tools (Access, Gateway, WAF, DDoS) 
• Experience working with SIEM platforms (e.g. Splunk, Sentinel, Elastic) 
• Strong analytical and investigation skills 
• Good communication skills in English (written and spoken) 
• Ability to document findings and support incident response 

Nice-to-Haves: 

• Scripting (Python or Bash) 
• MITRE ATT&CK familiarity 
• Previous MSSP experience 
• Security certifications (CompTIA Sec+, GSEC, etc.) 
• Cloud platform familiarity (Azure, AWS, GCP)