Senior CSOC Engineer

Posting Open Date: 06/08/2026

Anticipated Posting Close Date*: 08/17/2026

*Job posting may close early due to the volume of applicants.

Leveraging our growing security product suite, CSOC Engineers contribute real world security insights to Fastly and our customers as we address Internet-scale threats. CSOC Engineers function as the primary escalation point for SOC Analysts in a globally distributed team. A core responsibility and key performance metric for this role is the effective training and mentoring of our SOC analysts, reducing escalations to the Senior CSOC-engineering level so you can focus on process improvements, data analysis, and security tooling to continue advancing our products, services, and capabilities.

The CSOC team works with our internal platform security and security research, engineering and development teams as well operations and customer organisations internally to deliver support solutions for security threats faced on the Internet today.

What You'll Do:

You will be responsible for escalations around monitoring and analysing customer activity, like identifying layer 3/4 DDoS attacks, account-takeover, bot attacks and other malicious web traffic. In addition, as part of CSOC engineering, you will be involved in designing, building and supporting tooling for our analysts.  You will have the opportunity to work on some of the world’s most scalable distributed systems,, as well as working with the world-class engineers who developed these systems.

• Experience configuring traffic policing, shaping  to throttle malicious traffic
• Identify and mitigate UDP Floods, ICMP Floods, and Reflection/Amplification attacks

Identify and mitigate TCP SYN Floods, ACK Floods, RST Floods, and TCP state exhaustion attacks

• Requirements gathering and development of Security Monitoring Systems and troubleshooting tools

Be an expert in ensuring security for customers, providing an outstanding response to security issuesProvide deep application-security experience on escalated cases from customers & automated systems.Carry out continuous-improvement work & research to drive our customer security products & operations to be the best they can be. Contribute to the processes and policies that scale our organisation as we growCreate, test, and deploy security content (e.g. WAF rules) in response to CVEs and other emerging threatsProvide guidance, mentoring, and training for new Security and Customer Support EngineersCreate & review reporting for customers on security servicesTroubleshoot and resolve issues related to Kubernetes deployments and managementProvide support for next-generation web application firewalls, including troubleshooting and performance optimizationActively participate in sprint planning, deliver committed tasks on time with quality code, collaborate with team members, communicate blockers, and contribute to continuous improvement.Manage CSOC tool-related escalations and troubleshooting

What We're Looking For: 

• At least 3+ years of related experience in Network Security, Network Engineering or Network Support type roles, ideally with a background in CDNs, Cloud, and/or internet infrastructure products.

Understanding stateless communication, fragmentation, and amplification vectors (DNS, NTP, CLDAP, SSDP)Strong knowledge of BGP (Border Gateway Protocol)Proficiency with IPv4/IPv6 addressing, subnetting, ICMP types/codes, and GRE tunneling.Strong infosec background with strong knowledge & practical skills in application securityStrong knowledge of core internet-technologies like DNS, HTTP & TLS and how to debug with common toolsSome software development skills/experience in any of the following, or other common web languages: Python, Go, Rust, JSExperience in security operations or  technical supportDetection engineering experience – developing content for security products and services (e.g. WAF rules)Application server technologies and frameworks experienceAbility to work with limited supervision but be a good mentor on security knowledge to the greater teamFluent spoken & written English required, tailoring depth to fit varying audiencesFocused on delivering exceptional customer experiences

Ideally, you’ll also have experience in some of these: 

Hands-on experience with enterprise routers and switchesExperience with NetFlow/sFlow/IPFIX analysis using tools like Kentik, ElastiFlow, or NFSen for anomaly detectionAnalysis with log visualisation tools (Grafana, Prometheus, Looker, Splunk, Elastic/ELK, or others)Experience working in a SOC or Incident Response TeamApache/NGINX/IIS or other web server platformsCloud ecosystem knowledge & experience (AWS, GCP or similar)Unix/Linux or Windows system administrationSystems configuration management and/or orchestration tools

Work Hours: 

• This position will require you to be available during core business hours. 

• While most duties will be performed during normal business hours, there is an occasional requirement for a flexible schedule as necessary based on customer needs.

Work Location(s) & Travel Requirements:

This position is open to remote workers, with the following preferred regions:

• San Francisco, CA

• New York, NY

Fastly currently embraces a largely hybrid model for most roles which allows employees flexibility to split their time between the office and home. 

Pursuant to the San Francisco Fair Chance Ordinance and the Los Angeles Fair Chance Initiative for Hiring Ordinance, we will consider for employment qualified applicants with arrest and conviction records.

Salary: The estimated salary range for this position is $142,630.00 to $201,348.00. 

Starting salary may vary based on permissible, non-discriminatory factors such as experience, skills, qualifications, and location.

This role may be eligible to participate in Fastly’s equity and discretionary bonus programs.

Benefits:

We care about you. Fastly works hard to create a positive environment for our employees, and we think your life outside of work is important too. We support our teams with great benefits that start on the first day of your employment with Fastly. Curious about our offerings? 

We offer a comprehensive benefits package including medical, dental, and vision insurance. Family planning, mental health support along with Employee Assistance Program, Insurance (Life, Disability, and Accident), a Flexible Vacation policy and up to 18 days of accrued paid sick leave are there to help support our employees. We also offer 401(k) (including company match) and an Employee Stock Purchase Program. For 2026, we offer 12 paid local holidays, 12 paid company wellness days.