
Cloudflare
Mid
Hunt and neutralize BEC and phishing campaigns inside Cloudflare's PhishGuard managed email defense
This role sits inside Cloudflare's Cloudforce One / INTERDICT threat operations org, acting as the human intelligence layer that catches sophisticated email-borne attacks automated systems miss. You'll investigate flagged and customer-reported emails, hunt proactively for emerging BEC and vendor-fraud patterns, feed findings back into Detection Engineering's ML models, and guide customers through DMARC hardening. Expect deep questions on SPF/DKIM/DMARC mechanics, phishing/BEC investigation workflow, and how you'd use AI/LLM tooling in daily triage.
Step into this interview
Free · a live voice mock calibrated to this exact role
What this interview tests
- BEC / vendor fraud investigation methodology
- SPF/DKIM/DMARC protocol depth and alignment audits
- Threat hunting and campaign correlation (domains, IPs, headers)
- AI/LLM tool-assisted analysis workflows
- Customer-facing crisis communication and technical onboarding
Common question themes
Walk through investigating a suspected BEC email end to end
How would you design a DMARC rollout to strict Reject for a resistant customer
Describe a phishing campaign you tracked across multiple indicators
How have you used AI/LLM tools to speed up daily security analysis
How do you decide when to escalate directly to a customer by phone
What feedback would you give Detection Engineering after a missed detection
Related interviews

Cloudflare
Senior
Senior Solutions Engineer, Majors, Philadelphia or Pittsburgh

Cloudflare
Senior
Senior Data Scientist

Cloudflare
Mid
Machine Learning Engineer

Amazon
Mid
Data Engineer II, Veritas, Security Tools Foundation

Amazon
Senior
Sr. Software Development Engineer, Amazon Optics

Cohere
Senior