Cloudflare · 1 month ago
Security Researcher & Analyst - Application Security
Hybrid
Full-time
Hybrid
Mid Level
4+ years expCloudflare is on a mission to help build a better Internet, operating one of the world’s largest networks that powers millions of websites. The Security Researcher & Analyst will work within the Application Security department to develop and enhance security measures, conduct penetration testing, and communicate security insights to diverse audiences.
AnalyticsEnterprise SoftwareSecurityWeb Hosting
Responsibilities
Hands-on experience working with threat detection and prevention product engineering teams, recognizing vulnerabilities and configuring mitigations or managing risks in existing and new products
Apply a deep understanding of security vulnerabilities in web application and application security
Reverse and research n-day exploits, proactively detect patterns of bot and fraud attacks, review false positive and false negative reports, and recommend security configurations
Excellent at communicating the details about security forensics to technical and non-technical audiences. Including writing public facing research blogs
Authoring periodic report on trends on Internet traffic and security attack insights
Experience with modern cloud-based technologies used to deliver rapidly-changing products at scale
Conduct penetration testing to identify security gaps and potential exploits across applications and services
Develop, maintain, and enhance security dashboards to monitor and analyze attack trends, bot activity, and fraud detection metrics
Leverage strong coding skills to build and automate security tools, improve system engineering workflows, and develop new security rules and heuristics
Qualification
Required
Hands-on experience working with threat detection and prevention product engineering teams, recognizing vulnerabilities and configuring mitigations or managing risks in existing and new products
Apply a deep understanding of security vulnerabilities in web application and application security
Reverse and research n-day exploits, proactively detect patterns of bot and fraud attacks, review false positive and false negative reports, and recommend security configurations
Excellent at communicating the details about security forensics to technical and non-technical audiences. Including writing public facing research blogs
Authoring periodic report on trends on Internet traffic and security attack insights
Experience with modern cloud-based technologies used to deliver rapidly-changing products at scale
Conduct penetration testing to identify security gaps and potential exploits across applications and services
Develop, maintain, and enhance security dashboards to monitor and analyze attack trends, bot activity, and fraud detection metrics
Leverage strong coding skills to build and automate security tools, improve system engineering workflows, and develop new security rules and heuristics
A degree in computer science, IT, systems engineering, or related qualification
4 years of work experience with incident detection, incident response, forensics, reverse engineering, security research or similar
Ability to work under pressure in a fast-paced environment
Strong attention to detail with an analytical mind and outstanding problem-solving skills. Excellent organizational skills
Great awareness of cybersecurity trends and hacking techniques
Demonstrated results in identifying, tracking and resolving issues to resolution in the areas of cybersecurity
Strong written and verbal communication skills
Experience in OWASP, security standards and best practice
Strong SQL experience
Proficiency in penetration testing methodologies, tools, and vulnerability assessment techniques
Experience in building security dashboards using tools like Grafana or similar visualization platforms
Strong programming experience with expertise in Python, Go, Rust, or JavaScript to develop security tools and automation
Preferred
Prior experience or interest in Web Security, HTTP protocols, Python, Jupyter Notebook, and JavaScript is a huge plus!
Knowledge and experience with machine learning, statistical inference, and AI in general is a huge plus
Knowledge and experience with columnar database like Clickhouse
Familiarity writing and optimizing advanced SQL queries
Good Linux/UNIX systems knowledge
Presented in security conferences such as Blackhat, Defcon, Bsides etc
Company
Cloudflare
Cloudflare is a web performance and security company that provides online services to protect and accelerate websites online.
1001-5000 employees
H1B Sponsorship
Cloudflare has a track record of offering H1B sponsorships. Please note that this does not
guarantee sponsorship for this specific role. Below presents additional info for your
reference. (Data Powered by US Department of Labor)
Distribution of Different Job Fields Receiving Sponsorship
Represents job field similar to this job
Trends of Total Sponsorships
2025 (117)
2024 (115)
2023 (66)
2022 (98)
2021 (83)
2020 (37)
Funding
Current Stage
Public CompanyTotal Funding
$2.08BKey Investors
Franklin TempletonFidelityUnion Square Ventures
2025-06-13Post Ipo Debt· $1.75B
2019-09-12IPO
2019-03-12Series E· $150M
Leadership Team
Matthew Prince
CEO & Co-Founder
Lee Holloway
Co-Founder & Lead Engineer
Recent News
2026-01-13
Data Center Knowledge
2026-01-13
Company data provided by crunchbase