About the team

The DDoS Protection team creates software that stops some of the largest DDoS attacks in the world. Our team is split evenly across Austin, TX USA and London, UK and you would be welcome in either location. Our software is written in Rust, Go, Python, and Lua. Our data pipeline uses Kafka, PostgreSQL and ClickHouse. Our software is run within Kubernetes or on Debian Linux. We monitor using Prometheus, Kibana, and Grafana.

Our mitigation system, called Gatebot, analyses the global HTTP request logs to build a picture of website traffic and identify HTTP floods. Once detected it emplaces rules that mitigate the impact of the HTTP flood.

It is a friendly team in an exciting and critical part of a global company. Your work will have real impact protecting Cloudflare infrastructure and customer websites across every vertical and country.

About the position

We are looking for engineers who have good knowledge of HTTP and some knowledge of TCP, UDP and TLS to help us protect websites from denial-of-service attacks. These attacks are usually volumetric and range from hundreds of HTTP requests per second to millions of HTTP requests per second.

The work will focus on these HTTP floods, to maintain and evolve the existing systems that protect against them and to contribute to shaping future systems.

As you will be working within an existing team your voice will be important and will be able to influence the direction of the engineering implementation and roadmap as the team defines the engineering roadmap by sharing knowledge, experience and ideas.

You are ideally self-motivated, creative, and take pride in shipping well-crafted, maintainable code.

Responsibilities

• Crafting software to improve our DDoS protections
• Participating in and leading projects as an engineer, that expand our DDoS protections
• Investigating attacks to see what we can learn and how we can make improvements
• Investigating attacks to provide customers and internal teams with insight about the attacks
• Monitoring and analysing logs and metrics to ensure system health
• Working on tooling and support around our software
• Communicating via internal and public channels about what we do, why, and how we do it
• Handle escalations from Support or SREs, which may include out of hour support in rare cases

Examples of desirable skills and experience:

We do not require you to have all of these and a degree is not required for this role.

• Experience with Rust, or Go
• Or similar and with a willingness to learn Rust and Go
• Experience with Python, or Lua
• Advanced knowledge of core protocols for the web (TCP/IP, HTTP, HTTP/2, TLS, QUIC)
• Awareness of regular expressions and differences between PCRE and RE2
• Awareness of Linux networking stack and iptables
• Experience debugging and testing your code, including avoiding false positives and running tests over sampled data
• Understanding of performance analysis
• Experience querying databases using SQL
• Awareness of common types of web application vulnerabilities
• Awareness of common web application software (Wordpress, Drupal, Magento, etc)
• Talent for discovering anomalies in data
• Ability to investigate and report the impact of security problems
• Ability to communicate complex security issues and ideas to all stakeholders
• Experience building and designing APIs