Software Developer 4

Oracle Oracle · Enterprise · United States

Principal Software Engineer to lead the design and development of cloud-scale Web Application Firewall (WAF) platform services, focusing on threat detection, security enforcement, traffic inspection, and policy management for Oracle Cloud Infrastructure.

What you'd actually do

  1. Lead the architecture and delivery of cloud-scale backend services that power OCI's Web Application Firewall (WAF) platform.
  2. Design and evolve highly available policy management, rule evaluation, traffic inspection, bot mitigation, API protection, and security analytics services.
  3. Build scalable distributed systems that process and analyze high volumes of HTTP/HTTPS traffic while maintaining low latency and high reliability.
  4. Drive engineering excellence through software architecture reviews, design documentation, code quality standards, and operational best practices.
  5. Partner closely with Security Engineering, Product Management, SRE, and OCI platform teams to define and deliver next-generation application security capabilities.

Skills

Required

  • 7–10+ years building production software systems
  • developing large-scale distributed services in cloud or SaaS environments
  • Java, Go, Python, C++, or Rust
  • distributed systems design
  • scalability
  • resiliency
  • concurrency
  • fault tolerance
  • service communication
  • API design
  • HTTP/HTTPS
  • REST APIs
  • TLS
  • reverse proxies
  • caching
  • load balancing
  • web application architectures
  • customer-facing platform services
  • availability
  • performance
  • operational excellence
  • cloud-native technologies
  • containers
  • Kubernetes
  • CI/CD pipelines
  • Infrastructure-as-Code
  • automated testing frameworks
  • software engineering fundamentals
  • design patterns
  • performance optimization
  • code quality
  • secure software development practices
  • observability solutions
  • metrics
  • distributed tracing
  • centralized logging
  • dashboards
  • alerting systems
  • lead complex technical initiatives
  • influence architecture decisions
  • communication skills
  • collaboration skills

Nice to have

  • Experience building or operating Web Application Firewall (WAF), API Security, Bot Management, CDN, Edge Computing, or related security products.
  • Knowledge of common web application attack vectors, including OWASP Top 10 vulnerabilities, credential abuse, automated attacks, and API threats.
  • Experience with rule engines, policy evaluation systems, threat detection platforms, or traffic inspection technologies.
  • Background building high-throughput analytics, telemetry, or event-processing pipelines for real-time security insights.
  • Experience operating globally distributed services across multiple regions and availability domains.
  • Familiarity with modern security architectures, Zero Trust principles, identity and access management, and secure service-to-service communication.
  • Experience with compliance, audit readiness, and security-by-design development practices.
  • Contributions to open-source software, security tooling, or cloud infrastructure projects are a plus.

What the JD emphasized

  • building and scaling
  • highly available
  • cloud-scale
  • lead the architecture
  • lead automation initiatives
  • lead complex technical initiatives