Job Summary:We are seeking a Principal Network Software Engineer to architect and develop scalable and multi-tenant cloud-native networking solutions and security architectures. This role blends cloud networking expertise with software development.
The ideal candidate has deep experience in cloud-native Next-Generation Firewalls (NGFWs), Zero Trust Security, and Secure Access Service Edge (SASE) stack, along with hands-on cloud software development, data plane engineering, and cloud automation. The role will focus on building high-performance, multi-tenant cloud networking solutions for multiple deployment scenarios, integrating public and private clouds, cloud-managed networking devices, and SASE components.
This is a
hands-on role: you'll define the design, write and review code, and guide teams through delivering production systems.
Key Responsibilities: - Architect and develop multi-tenant cloud-native networking and security solutions in public, private cloud, and hybrid environments.
- Optimize traffic steering, policy orchestration, and security enforcement.
- Develop high-speed telemetry and analytics solutions for network visibility and threat detection.
- Develop software solutions to optimize cloud egress and gateway hosting costs, reducing expenses while maintaining network security and performance.
- Develop cloud networking applications using Go & PHP for traffic management, security policy orchestration, network observability, and service chaining.
Required Qualifications - 10+ years of experience in software engineering, with at least 7+ years focused primarily on backend systems.
- 3+ years of experience in a Staff, Principal, or Architect role with end-to-end ownership of architecture and delivery.
- 5+ years of hands-on programming experience in Golang, C/C++, PHP, and Python.
- 3+ years of hands-on experience with cloud-native NGFWs and network security appliances.
- 5+ years of experience in Linux networking, including firewall configuration using netfilter, iptables, and nftables, as well as DNS filtering, traffic shaping, and QoS.
- 3+ years of experience with network security technologies including DNS filtering, Deep Packet Inspection (DPI), Intrusion Detection and Prevention Systems (IDPS), Anti-Virus, and SSL Proxy.
- 2+ years of experience working with SASE components such as DLP, SWG, ZTNA, CASB, sandboxing, anti-malware, and anti-virus.
- 2+ years of hands-on experience with Linux userspace fast-path frameworks such as VPP and DPDK
Preferred Qualifications- Hands-on experience with fast path Linux Kernel fast path technologies like eBPF, XDP, and AF_XDP.
- Proven experience with data-path Multitenancy like VXLAN, Linux Namespaces and VRFs.
- Solid background in containerization and Kubernetes orchestration, including CNI selection, configuration, and troubleshooting.
- Familiarity with cloud-native Networking frameworks, like Cilium and Calico.
- Working experience with ELK stack, database stores like Redis and Cassandra, and message queues like Kafka.
- Knowledge of continuous integration workflows, testing tools, and source code management tools (e.g., Git).
- Strong experience with VPN technologies like IPSec and WireGuard.
