Software Developer 4

Join OCI’s Edge Security team as a Principal Software Engineer focused on building and scaling Oracle Cloud Infrastructure’s Web Application Firewall (WAF) platform. You will lead the design and development of highly available, cloud-scale services that protect customer applications from web-based threats, automate security enforcement, and deliver advanced traffic inspection and policy management capabilities across OCI’s global infrastructure.

In this role, you will drive the architecture of distributed systems that power WAF features such as threat detection, rule evaluation, bot mitigation, API protection, and security analytics. You will partner closely with security engineers, product managers, and platform teams to deliver secure, performant, and reliable services while helping define the long-term technical vision for OCI’s application security portfolio.

What you'll do

• Lead the architecture and delivery of cloud-scale backend services that power OCI's Web Application Firewall (WAF) platform.
• Design and evolve highly available policy management, rule evaluation, traffic inspection, bot mitigation, API protection, and security analytics services.
• Build scalable distributed systems that process and analyze high volumes of HTTP/HTTPS traffic while maintaining low latency and high reliability.
• Drive engineering excellence through software architecture reviews, design documentation, code quality standards, and operational best practices.
• Partner closely with Security Engineering, Product Management, SRE, and OCI platform teams to define and deliver next-generation application security capabilities.
• Establish robust observability through metrics, logging, tracing, alerting, and performance monitoring to ensure service health and customer visibility.
• Lead automation initiatives across the software development lifecycle, including CI/CD, testing frameworks, deployment automation, and Infrastructure-as-Code.
• Drive reliability, scalability, and operational readiness through capacity planning, incident response, root cause analysis, and continuous improvement.
• Mentor engineers, influence technical strategy across organizations, and help raise the engineering bar through design reviews and technical leadership.

Qualifications

• 7–10+ years building production software systems, including experience developing large-scale distributed services in cloud or SaaS environments.
• Strong proficiency in one or more of the following languages: Java, Go, Python, C++, or Rust.
• Deep expertise in distributed systems design, including scalability, resiliency, concurrency, fault tolerance, service communication, and API design.
• Strong understanding of HTTP/HTTPS, REST APIs, TLS, reverse proxies, caching, load balancing, and web application architectures.
• Experience building customer-facing platform services with strict requirements around availability, performance, and operational excellence.
• Proven experience with cloud-native technologies, including containers, Kubernetes, CI/CD pipelines, Infrastructure-as-Code, and automated testing frameworks.
• Strong software engineering fundamentals, including design patterns, performance optimization, code quality, and secure software development practices.
• Experience building observability solutions using metrics, distributed tracing, centralized logging, dashboards, and alerting systems.
• Demonstrated ability to lead complex technical initiatives and influence architecture decisions across multiple engineering teams.
• Excellent communication and collaboration skills with a track record of working effectively across engineering, security, product, and operations organizations.

Preferred Qualifications

• Experience building or operating Web Application Firewall (WAF), API Security, Bot Management, CDN, Edge Computing, or related security products.
• Knowledge of common web application attack vectors, including OWASP Top 10 vulnerabilities, credential abuse, automated attacks, and API threats.
• Experience with rule engines, policy evaluation systems, threat detection platforms, or traffic inspection technologies.
• Background building high-throughput analytics, telemetry, or event-processing pipelines for real-time security insights.
• Experience operating globally distributed services across multiple regions and availability domains.
• Familiarity with modern security architectures, Zero Trust principles, identity and access management, and secure service-to-service communication.
• Experience with compliance, audit readiness, and security-by-design development practices.
• Contributions to open-source software, security tooling, or cloud infrastructure projects are a plus.

How you'll have impact

• Deliver core WAF capabilities that protect OCI customers from application-layer attacks while maintaining performance and availability.
• Launch customer-facing security features that provide visibility, protection, automation, and policy control at cloud scale.
• Improve the scalability, reliability, and operational maturity of OCI's application security platform.
• Raise engineering quality and technical standards through mentorship, architectural leadership, and continuous improvement initiatives.

Ways of working

• Security, privacy, and reliability by design with secure development practices embedded throughout the software lifecycle.
• Data-driven decision making supported by clear metrics, SLOs, operational reviews, and measurable customer outcomes.
• Collaborative engineering culture focused on design reviews, code reviews, technical excellence, knowledge sharing, and continuous learning.

Responsibilities

Qualifications

Company