Since 2012, we have built the market-leading cloud security company and an award-winning culture powered by hundreds of employees spread across offices in Santa Clara, St. Louis, Bangalore, London, Paris, Melbourne, Taipei, and Tokyo. Our core values are openness, honesty, and transparency, and we purposely developed our open desk layouts and large meeting spaces to support and promote partnerships, collaboration, and teamwork. From catered lunches and office celebrations to employee recognition events and social professional groups such as the Awesome Women of Netskope (AWON), we strive to keep work fun, supportive and interactive.
Visit us at Netskope Careers. Please follow us on LinkedIn and Twitter @Netskope .
Job Overview
As part of the
Inline CASB team
, you will have a unique opportunity to work on a world-class CASB solution
that provides unparalleled visibility and control for widely used enterprise applications. Netskope Cloud Data Plane engineers architect and design one of the most scalable, high-performance cloud data planes in the world, processing 10+ Gbps of traffic
. What s in it for you
In this role, you will be working on
Deep Packet Inspection (DPI)
of CASB Inline traffic. You will build core functionality to intercept and inspect traffic the CASB Inline traffic which include Generative AI applications
in the data path, invoking essential services like DLP (Data Loss Prevention)
and Threat Protection (TSS)
and enforcing CASB Inline Real-Time Policies (RTP)
. You will be instrumental in developing state-of-the-art techniques, including AI/ML, to detect activities and apply advanced policies, all at line rate. This is a
high-impact position
for a technical leader
who excels at solving challenging problems and mentoring a world-class engineering team. If you enjoy diving deep into technical challenges to develop innovative solutions that are scalable, accurate, and high-performing, then this role is for you. Job Responsibilities
- Understand the various use cases and work flows for native/browser access of SaaS apps and support the app access requirements/use cases via Netskope reverse proxy solution. Also maintain & enhance the access control features for the supported SaaS apps.
- Work on re-architecting the deep packet inspection module to make it intelligent and scalable, with the goal of achieving higher accuracy in activity detection across a wide range of SaaS applications.
- Work on identifying a smart, scalable solution to reduce the cost of building and maintaining SaaS app connectors, which are responsible for providing deeper visibility into application activities.
- Work closely with the product management team on the new apps support & to define new access control use cases.
- Involve in the complete development life cycle starting with understanding various requirements, understand/define functional specs, development with high efficacy/quality & measure the efficacy based on production data.
- Identify gaps in existing solutions/processes and bring in innovative ideas that help evolve the solution over time.
- Work closely with the technical support team to handle customer escalations. Analyze the product gaps that resulted in customer issues and improve the signature resiliency and test strategy.
Preferred Qualification
- Bachelors or Masters degree in Computer Science, Engineering or equivalent strongly preferred.
- Minimum
15
years of work experience.
Preferred Technical Skills (must-have)
-
Programming Mastery:
Expert proficiency in C/C++
and strong experience with Python
. -
Networking Protocol Expertise:
- Deep understanding of networking protocols, including
TCP/IP, HTTP/S, WebSocket, DNS, and TLS/SSL decryption (MITM)
techniques. - Knowledge of
L3 VPNs
like IPSec and Wireguard.
-
Security Domain Experience (L7 & Network):
- Proven experience in
data plane/data path development
for security products (e.g., Firewalls, Proxies, IDPS, DPI engines). - Experience in network and web security technologies, including
Web Application Firewall (WAF), L7 Access-Policies, Web Security, IDP/IPS, DNS-based security, and L7 DDoS.
-
Must Have:
Experience with HTTP proxy
development.
-
System Architecture:
- Strong understanding of
computer architecture
concepts like multi-threading, CPU scheduling, and memory management. - Good understanding of
algorithms and data structures
for implementing real-time inline data processing. - Good hands on experience and knowledge of
Linux at a systems level
.
-
Troubleshooting & Debugging:
- Strong analytical and troubleshooting skills using debuggers like
gdb
and tools like Valgrind
. - Hands-on experience with
packet capture technologies
(e.g., tcpdump, Wireshark, libpcap
) for network traffic analysis and troubleshooting.
-
Cloud & Containerization:
- Strong knowledge of
cloud solution architectures (AWS, Azure, GCP)
. - Direct experience with
container orchestration (Kubernetes)
and Container Network Interface (CNI) plugins
. - Familiarity with inter-service communication protocols in cloud environments (e.g., gRPC, REST).
- Experience in a
CASB
, ZTNA
, or SSE
security environment. - Contributions to open-source projects.
Additional Technical Skills
-
SASE Architecture:
Experience working within a SASE (Secure Access Service Edge) architecture is a major plus.
-
Authentication & Access Control:
Strong knowledge of Authentication technologies, including Identity and Access Management, SSO, SAML, OpenID, OAuth2, and MFA
. -
Generative AI (GenAI) Platforms:
Familiarity with GenAI platforms and APIs
and their communication patterns (e.g., OpenAI, Anthropic, Gemini). -
DPDK
and VPP
architecture knowledge is a plus. -
Testing Methodologies:
A proponent of Test-Driven Development (TDD)
and knowledge of various unit testing frameworks. -
Advanced Content Analysis:
Experience with advanced content analysis
or true file type detection
. -
Inter-Service Communication:
Familiarity with modern cloud protocols like gRPC
and REST
. -
Security Domain Experience:
Experience in a CASB, ZTNA, or SSE security environment
. -
Open-Source Contributions:
A history of contributions to open-source projects. #LI-VJ2
