CloudFlare DDoS Mitigation - Software Engineer in San Francisco, California

DDoS Mitigation - Software Engineer

Do you know why a Client saying "Hello" needs an Extension but not a Ticket?

Excited when RTO gets smaller than SRTT? Puzzled to see SYN packet longer than 56 bytes? Always wanted to perform a kernel, not a heart, bypass? Worried if QUIC can be amplified? Wondering if BPF supports XOR operation?

Join us!

Cloudflare's world-famous DDoS mitigation team is looking for fresh blood. Our key responsibilities include:

• Making sure the 10% of the web we serve is protected from any kind of DDoS. • Analyzing the attacks we receive. • Educating the rest of the world on how to fix the DDoS.

On daily basis we are:

• Building tools to help our SRE team with day-to-day mitigations. • Automating L3 DDoS mitigations. • Automating L7 DDoS mitigations. • Maintaining the Kernel fork we use. That includes backporting mainline features and implementing improvements in the TCP stack. • Writing systemtap scripts to aid with kernel debugging. • Making sure our sflow and netflow on-line realtime streaming systems are up, no matter what.

We mostly program in C (kernel panic at EIP=0x0), Golang (wait, was that a GC spike?) and Python (pip install scapy). We do not hold pagers, although we are expected to fix our system if they crash.

Skills expected:

• Strong understanding of networking at at least L3 layer (what is IPID again?) • Strong low level debugging skills (what does tcpdump -ttttt do?) • Strong understanding of Linux, Unix and network stack design (Why can't you dup(2) epoll fd? How does strace work?) • Reasonable understanding of HTTP layer (can one send the "Host" header twice?) • Reasonable experience in C. Willingness to learn Golang.

Cloudflare perks:

• Up to three 4K monitors • Standing desks • Commuter subsidies • Bike parking • Company tech talks • Weekly happy hours and catered lunches • Unlimited paid time off • A sunny office near CalTrain and BART

Sound like somewhere you'd thrive? We'd love to hear from you!

Cloudflare is a security company. All prospective employees will be subject to an extensive background check.

Cloudflare is an equal opportunity employer and does not discriminate against any employee or applicant on the basis of age, color, disability, gender, national origin, race, religion, sexual orientation, veteran status, or any classification protected by federal, state, or local law.

Want to learn more about the DDoS Mitigation team? Check out a recent blog post: