GMS-Senior-Cloud Security-Cloudflare

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all.

Cloudflare_Cloud Security_Senior

Key Responsibilities:

• Design, implement, and oversee Cloudflare security solutions, including Web Application Firewall (WAF), DDoS protection, Bot Management, Zero Trust, and Secure Web Gateway.
• Configure and maintain WAF rules, rate limiting, firewall policies, and threat mitigation measures within Cloudflare.
• Manage Cloudflare Zero Trust services, including Access, Gateway, Tunnel, and Browser Isolation.
• Implement and support secure application delivery utilizing CDN, DNS, and load balancing services.
• Monitor, investigate, and respond to security alerts and incidents through Cloudflare dashboards and logs.
• Integrate Cloudflare with identity providers such as Azure AD, Okta, and Google Workspace for authentication and access management.
• Conduct troubleshooting and root cause analysis for security, connectivity, and performance-related issues.
• Support API and application security, including protections against the OWASP Top 10 vulnerabilities.
• Collaborate with DevOps, Security Operations Center (SOC), and network teams to implement cloud-native security measures.
• Assist in onboarding applications and domains to Cloudflare while ensuring minimal downtime.
• Maintain security documentation, policies, and operational procedures.
• Support compliance initiatives and participate in security audits (ISO, SOC 2, PCI DSS).
• Stay informed about Cloudflare product features, threat intelligence, and industry best practices.
  
  

Preferred Requirements:

• Over 3 years of experience in cloud security, network security, or web application security.
• Hands-on experience with Cloudflare security services, particularly WAF and Zero Trust.
• Strong understanding of web technologies, including HTTP/HTTPS, DNS, and TLS/SSL.
• Familiarity with Zero Trust Architecture and Secure Access Service Edge (SASE) concepts.
• Experience with DDoS mitigation techniques and traffic analysis.
• Proven ability to secure APIs and web applications against common attack vectors.
• Knowledge of identity and access management concepts, including SAML, OAuth, and Multi-Factor Authentication (MFA).
• Experience integrating Cloudflare with Security Information and Event Management (SIEM) or Security Orchestration, Automation, and Response (SOAR) platforms (e.g., Splunk, Microsoft Sentinel, QRadar).
• Familiarity with public cloud platforms such as AWS, Azure, or Google Cloud Platform (GCP).
• Experience with automation and APIs using tools like Terraform, REST APIs, or scripting languages (e.g., Python, Bash).
• Understanding of CDN performance optimization and caching strategies.
  
  

Preferred Certifications:

• Cloudflare Certified Security Specialist
• Cloudflare Zero Trust Accreditation
• Strong analytical, troubleshooting, and communication skills.
• Ability to thrive in a fast-paced, cloud-first environment.
  
  

EY | Building a better working world

EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets.

Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate.

Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.

---