Security Services Engineer

About Corero

About Corero Corero Network Security is a leading provider of real-time Distributed Denial of Service (DDoS) protection solutions. Specializing in automatic attack detection and mitigation, Corero helps service providers, enterprises, and hosting organizations maintain network availability, performance, and uptime through advanced visibility, analytics, and reporting capabilities. With operational centers in Marlborough, Massachusetts, USA, and Edinburgh, UK, and headquarters in London, UK, Corero is listed on the London Stock Exchange AIM market under the ticker CNS.

Corero is seeking a Security Services Engineer who thrives in a fast-paced environment and is eager to learn and take on the evolving challenges of DDoS cybersecurity. This is an opportunity to join an agile, growing company in a high-growth cybersecurity market focused on delivering customer value and exceptional service. The Corero SOC team operates in a collaborative and flexible environment where employees are empowered to innovate and make a real impact.

In this role, you will work closely with customers and collaborate across teams including SOC, Sales, Sales Engineering, and R&D Engineering. The Security Services Engineer will support incident response and customer data analysis within a 24x7 global Security Operations Center. The ideal candidate will have experience implementing and managing enterprise or carrier-grade networks, along with knowledge of next-generation DDoS detection and mitigation technologies.

This role is designed for individuals early in their cybersecurity career who want real, operational experience defending against live attacks. At Corero, you will:

• Work on real DDoS attacks in production environments
• Gain deep exposure to network security and incident response
• Learn from experienced SOC and engineering teams
• Develop skills in traffic analysis, troubleshooting, and customer support
• Build a foundation for long-term growth in cybersecurity engineering or operations

• Triage and resolve security incidents and customer support tickets in a live production environment (1st/2nd line support)
• Monitor, analyze, and investigate network traffic and potential threats, including DDoS activity
• Support customer maintenance, upgrades, and technical communications
• Contribute to incident response and post-incident reviews to improve detection and mitigation strategies
• Work within ITIL processes (Incident, Change, Problem, Service Requests)
• Document procedures, contribute to SOC knowledge base, and share learnings with the team
• Continuously develop your technical expertise across cybersecurity, networking, and Corero’s platform

10-hour workdays with two rotating work patterns:

• Sunday – Wednesday
• Wednesday – Saturday

Teams will rotate schedules throughout the year based on operational planning and staffing requirements.

To maintain continuous operational support, the following shift coverage is provided:

• Day Shift: 6:00 AM – 4:00 PM
• Evening / Swing Shift: 2:00 PM – 12:00 AM
• Night Shift: 10:00 PM – 8:00 AM

Required:

• 1–2 years of experience in a SOC, IT support, networking, or similar technical role
• Strong fundamentals in networking and troubleshooting (TCP/IP, routing, packet analysis)
• Ability to prioritize tasks, stay organized, and communicate clearly under pressure
• Comfortable working in a fast-paced, shift-based environment (including nights/weekends)
• Customer-focused mindset with strong problem-solving skills

Preferred:

• Experience with SIEM tools (Splunk preferred)
• Understanding of DDoS attacks and network security concepts
• Familiarity with virtualization technologies (KVM, ESXi)
• Basic scripting or automation skills (e.g., Python, Bash)
• CCNA/JNCIA/CompTIA A+/Network+/Security+/CySA+/Cyber Ops

• Competitive compensation package
• Pension Scheme
• Life insurance
• Medical insurance
• Enhanced parental leave
• Annual leave + bank holidays + birthday day off