SOC Analyst - Tier 2 - Cloudflare Services Focus

Salary undisclosed

Brixio is looking for a mid-level Tier 2 SOC Analyst to join our Managed Services & Support team, with a strong focus on Cloudflare Zero Trust, WAF, and DNS-related threat detection.

This is a critical hire for our cybersecurity services operations and client 24/7 support initiatives. The analyst will act as an escalation point, provide in-depth analysis of alerts, and help us strengthen our detection, playbooks, and service quality in the Cloudflare ecosystem.

Key Responsibilities:

  • Investigate and respond to security alerts and incidents, with emphasis on Cloudflare logs and policy events (Access, Gateway, WAF)
  • Correlate data from multiple sources (Cloudflare, SIEM, DNS, endpoint)
  • Act as Tier 2 escalation from the 24/7 support team
  • Work with Zero Trust policies and detect bypass/misconfig attempts
  • Assist in building detection rules and playbooks
  • Document incidents, enrich with context, and prepare post-incident reports
  • Coordinate with the delivery and engineering teams on improvements
  • Occasionally interact with clients (with support from Brixio PMs)


Requirements

Must-Have Skills:

  • 3-5 years in a SOC environment (Tier 1/Tier 2)
  • Exposure to Cloudflare tools (Access, Gateway, WAF, DDoS)
  • Experience working with SIEM platforms (e.g. Splunk, Sentinel, Elastic)
  • Strong analytical and investigation skills
  • Good communication skills in English (written and spoken)
  • Ability to document findings and support incident response


Nice-to-Haves:

  • Scripting (Python or Bash)
  • MITRE ATT&CK familiarity
  • Previous MSSP experience
  • Security certifications (CompTIA Sec+, GSEC, etc.)
  • Cloud platform familiarity (Azure, AWS, GCP)