We're in alpha · Starting with US & Canada · Shipping weekly — your feedback shapes RiseMe
RiseMe
LoginSign Up
Bell Cyber logo
Bell Cyber Verified
Cybersecurity

DDoS Security Engineer

Mississauga, Ontario, CanadaHybridFull TimeCA$58,586–CA$73,233 /yrPosted 1 day ago

Compensation estimateAI

See base, equity, bonus, and total comp estimates for this role — free, no credit card.

Sign up to see compensation estimate

The DDoS Security Engineer is responsible for the design, operation, monitoring, and optimization of Distributed Denial-of-Service protection services across multiple mitigation platforms, including
Radware, Arbor, Cloudflare, and Akamai
. This role focuses on protecting customer-facing and internal digital services from volumetric, protocol, and application-layer attacks through continuous monitoring, incident response, tuning, and service improvement.

The ideal candidate has strong experience in network security operations, traffic analysis, mitigation workflows, and customer-facing incident management within high-availability environments.

The DDoS Security Engineer is responsible for the design, operation, monitoring, and optimization of Distributed Denial-of-Service protection services across multiple mitigation platforms, including
Radware, Arbor, Cloudflare, and Akamai
. This role focuses on protecting customer-facing and internal digital services from volumetric, protocol, and application-layer attacks through continuous monitoring, incident response, tuning, and service improvement.

The ideal candidate has strong experience in network security operations, traffic analysis, mitigation workflows, and customer-facing incident management within high-availability environments.

Salary:
$80,000 to $100,000 per year

Key Responsibilities

- Operate and manage DDoS protection services across Radware, Arbor, Cloudflare, and Akamai platforms.
- Monitor customer environments for DDoS threats, anomalous traffic behavior, and service degradation.
- Analyze attacks across
Layer 3, Layer 4, and Layer 7
, including volumetric floods, protocol abuse, and application-layer attacks.
- Execute mitigation actions such as traffic diversion, scrubbing activation, ACL updates, rate-limiting, WAF tuning, and routing changes.
- Coordinate with SOC, NOC, network engineering, cloud, and customer teams during active incidents.
- Develop and maintain runbooks, playbooks, escalation procedures, and standard operating procedures for DDoS response.
- Perform onboarding of new customers, including traffic baselining, protection profile tuning, DNS/routing integration, and validation testing.
- Tune detection thresholds, mitigation policies, signatures, and protection profiles to reduce false positives and improve response speed.
- Support always-on and on-demand DDoS protection models.
- Produce incident reports, attack summaries, customer communications, and post-incident recommendations.
- Track service availability, mitigation performance, SLA compliance, and operational KPIs.
- Provide guidance on DDoS architecture, resilience design, and best practices for internet-facing services.
- Work with vendors and internal teams on platform upgrades, policy enhancements, and issue resolution.
- Contribute to continuous improvement of managed DDoS services, including automation and orchestration opportunities.

Required Qualifications

- Bachelor’s degree in Cybersecurity, Computer Science, Information Technology, Network Engineering, or equivalent experience.
- 3–7+ years of experience in network security, DDoS protection, SOC, or managed security services.
- Hands-on experience with one or more of the following:
Radware, Arbor, Cloudflare, Akamai
.
- Strong understanding of:
- TCP/IP, UDP, ICMP, BGP, DNS, HTTP/HTTPS, CDN, proxy, and load-balancing concepts
- DDoS attack methods such as SYN floods, UDP floods, DNS amplification, NTP amplification, HTTP floods, bot-driven application attacks, and SSL/TLS exhaustion
- Traffic analysis using logs, packet captures, NetFlow/sFlow, and platform telemetry
- Experience in incident handling and operational response in high-pressure environments.
- Strong troubleshooting and analytical skills.
- Excellent written and verbal communication skills for technical and customer-facing interactions.

Preferred Qualifications

  • Experience in a managed DDoS, MSSP, ISP, telco, or enterprise security operations environment.
  • Familiarity with cloud and hybrid environments, including public-facing application protection.
  • Experience with WAF, CDN, bot mitigation, and API protection capabilities.
  • Knowledge of routing-based mitigation, GRE tunneling, BGP diversion, and scrubbing center operations.
  • Experience with SIEM, SOAR, ticketing systems, and monitoring platforms.
  • Scripting or automation experience in Python, PowerShell, or REST API integrations.
  • Relevant certifications such as:
  • CISSP
  • CCNP Security / CCIE Security
  • GIAC certifications
  • Vendor-specific training or certifications in Radware, Cloudflare, Akamai, or Arbor

Core Competencies

  • DDoS detection and mitigation
  • Network traffic analysis
  • Incident response and escalation management
  • Customer communication during live security events
  • Multi-vendor platform operations
  • Security service onboarding and optimization
  • Documentation and reporting
  • Operational excellence under pressure

Key Deliverables

  • Rapid identification and mitigation of DDoS attacks
  • Accurate incident triage and escalation
  • Reduced false positives and improved mitigation tuning
  • Strong customer reporting and service communication
  • Reliable service onboarding and policy implementation
  • Continuous improvement in response time, service stability, and protection effectiveness
Ready to apply?
You'll be redirected to Bell Cyber's application page.