Duties & Responsibilities
- Develop and own protection metrics and alerting - build dashboards and alert pipelines that surface anomalies across a range of network and application-layer signals.
- Perform deep log analysis to identify overuse, scraping, abuse, DDoS, and attack patterns across millions of daily requests.
- Operate and tune cloud-based edge security controls - configure and update security policies, rate limiting, and adaptive protection rules in response to evolving threats.
- Enforce traffic controls - apply a range of mitigation strategies to abusive traffic while minimizing impact to legitimate users.
- Monitor continuously and respond quickly - this role requires a bias for action. You will triage incidents and either resolve them directly or escalate to development or sysadmin teams with clear, actionable information.
- Support protection across a mixed cloud and on-premises infrastructure - NCBI operates services in both environments, and protection coverage must extend consistently across both.

Requirements:
- Strong understanding of high-volume web service architecture - how traffic flows, where bottlenecks and abuse vectors appear, and how load balancers and edge infrastructure make routing decisions.
- Hands-on experience with a major cloud provider's security and networking stack, including:
- Solid grasp of HTTP/HTTPS protocol internals - headers, TLS behavior, connection patterns, and how these relate to traffic analysis and fingerprinting techniques.
- Experience analyzing traffic using network and application-layer signals including address-based, organizational, and transport-layer fingerprinting methods.
- Familiarity with common web server platforms, their log formats, and configuration.
- Ability to read, write, and tune access control and rate-limiting rules under pressure.
- Comfort working across hybrid infrastructure environments.

Preferred Skills:
- Experience with advanced abuse mitigation techniques, including traffic redirection and challenge-response mechanisms.
- Scripting or automation experience (Python, Bash, or similar) for log parsing and rule generation.
- Prior work protecting high-traffic government or research platforms.
- Knowledge of bot detection techniques beyond simple blocking - behavioral signals, fingerprinting, headless browser detection, and similar approaches.
- Familiarity with evolving attacker tradecraft and how modern scrapers and abusers adapt to countermeasures.

Benefits and Salary
We attract the best people in the business with our competitive benefits package that includes medical, dental and vision coverage, 401k plan with employer contribution, paid holidays, vacation, and tuition reimbursement.
We offer a competitive salary commensurate with experience and location. If you enjoy being a part of a high-performing, professional service and technology-focused organization, please apply today!