Software Developer 4

Oracle Oracle · Enterprise · Austin, TX +1

This role is for a Principal Software Engineer on Oracle's Edge Security team, focusing on building and scaling the Web Application Firewall (WAF) platform within Oracle Cloud Infrastructure (OCI). The engineer will lead the design and development of highly available, cloud-scale services for threat detection, policy management, traffic inspection, and security analytics, protecting customer applications from web-based threats. The role involves driving the architecture of distributed systems, partnering with various teams, and ensuring secure, performant, and reliable services.

What you'd actually do

  1. Lead the architecture and delivery of cloud-scale backend services that power OCI's Web Application Firewall (WAF) platform.
  2. Design and evolve highly available policy management, rule evaluation, traffic inspection, bot mitigation, API protection, and security analytics services.
  3. Build scalable distributed systems that process and analyze high volumes of HTTP/HTTPS traffic while maintaining low latency and high reliability.
  4. Drive engineering excellence through software architecture reviews, design documentation, code quality standards, and operational best practices.
  5. Partner closely with Security Engineering, Product Management, SRE, and OCI platform teams to define and deliver next-generation application security capabilities.

Skills

Required

  • building production software systems
  • developing large-scale distributed services
  • Java
  • Go
  • Python
  • C++
  • Rust
  • distributed systems design
  • scalability
  • resiliency
  • concurrency
  • fault tolerance
  • service communication
  • API design
  • HTTP/HTTPS
  • REST APIs
  • TLS
  • reverse proxies
  • caching
  • load balancing
  • web application architectures
  • customer-facing platform services
  • availability
  • performance
  • operational excellence
  • cloud-native technologies
  • containers
  • Kubernetes
  • CI/CD pipelines
  • Infrastructure-as-Code
  • automated testing frameworks
  • design patterns
  • performance optimization
  • code quality
  • secure software development practices
  • observability solutions
  • metrics
  • distributed tracing
  • centralized logging
  • dashboards
  • alerting systems
  • lead complex technical initiatives
  • influence architecture decisions
  • communication skills
  • collaboration skills

Nice to have

  • Web Application Firewall (WAF)
  • API Security
  • Bot Management
  • CDN
  • Edge Computing
  • security products
  • common web application attack vectors
  • OWASP Top 10 vulnerabilities
  • credential abuse
  • automated attacks
  • API threats
  • rule engines
  • policy evaluation systems
  • threat detection platforms
  • traffic inspection technologies
  • high-throughput analytics
  • telemetry
  • event-processing pipelines
  • real-time security insights
  • globally distributed services
  • modern security architectures
  • Zero Trust principles
  • identity and access management
  • secure service-to-service communication
  • compliance
  • audit readiness
  • security-by-design development practices
  • open-source software
  • security tooling
  • cloud infrastructure projects