Since 2012, we have built the market-leading cloud security company and an award-winning culture powered by hundreds of employees spread across offices in Santa Clara, St. Louis, Bangalore, London, Paris, Melbourne, Taipei, and Tokyo. Our core values are openness, honesty, and transparency, and we purposely developed our open desk layouts and large meeting spaces to support and promote partnerships, collaboration, and teamwork. From catered lunches and office celebrations to employee recognition events and social professional groups such as the Awesome Women of Netskope (AWON), we strive to keep work fun, supportive and interactive.
Visit us at Netskope Careers. Please follow us on LinkedIn and Twitter @Netskope .
About the role
Please note, this team is hiring across all levels and candidates are individually assessed and appropriately leveled based upon their skills and experience.
Netskope Cloud Data Plane engineers architect and design one of the most scalable, high-performance cloud data planes in the world, processing 10+ Gbps of traffic, performing deep inspection using state-of-the-art techniques like AI/ML to detect activities and apply advanced policies like DLP, Threat and UEBA protection, all at line rate.
What s in it for you
In this role you will be a key member of the NG-SWG team supporting our in-line CASB and SWG products, both of which have been recognized by Gartner as market leaders in their Magic Quadrant reports:
Netskope CASB in Gartner 2022 SSE Magic Quadrant
What you will be doing
-
Architectural Leadership:
Lead the design, development, and optimization of core data path components to ensure unparalleled performance, scalability, and reliability. -
Generative AI applications
, detecting activities like "Prompt" submissions and enforcing policies to prevent data leakage in these new channels. - Use advanced data structures and algorithms in C, C++, Python.
- Build services that inspect various network protocols such as HTTP at line rate.
- Analyze content in real-time to provide security.
- Inspect L7 traffic by doing deep packet inspection and enforcing the policy.
- Perform deep inspection of traffic in near real time
- Work on features like DLP and Threat protection.
- Build sophisticated key management algorithms.
-
Next-Gen Traffic Interception:
Drive the development of advanced interception and inspection techniques for modern application traffic, Build architectures which are containerized (POD) services, cloud-native deployments.
-
Packet-Level Expertise:
Utilize your deep knowledge of networking to build capabilities for packet capture and advanced troubleshooting
to diagnose complex issues in live customer environments. -
Performance Optimization:
Profile and optimize data processing pipelines to ensure ultra-low latency and high throughput for millions of concurrent connections. -
Generative AI Security:
Develop the logic to identify and analyze traffic from Generative AI applications, with a focus on deep inspection of proprietary communication protocols like Model Context Protocol (MCP)
and enforcing policies to prevent data leakage. -
Hands on Working experience various Layer 7 protocols like WebSocket, MCP and A2A.
Enhance our inspection engine to intercept and inspect HTTP, WebSocket, Application-to-Application (A2A)
and MCP traffic
, ensuring full visibility into data flows between services. -
Mentorship:
Provide technical leadership and guidance to junior engineers, fostering a culture of innovation and engineering excellence. -
Cross-Functional Collaboration:
Partner with Product Management, Program Management, QA, and Support teams to define requirements, provide expert support for customer escalations, and drive robust product delivery.
Required skills and experience
-
12+
years of industry experience building high-performance data plane services - Experience in network and web security technologies - firewalls, Web Application Firewall, L7 Access-Policies, web security, IDP / IPS, DNS based security, L7 DDoS.
-
Deep understanding of networking protocols
including TCP/IP, HTTP/S,WebSocket, DNS, TLS/SSL decryption (MITM)
techniques, L3 VPNs like IPSec, Wireguard etc.. -
Must Have
Good fundamentals of TCP, TLS, HTTP protocols. -
Must Have
Http proxy experience. - Programming mastery in C/C++ and Python
- Strong understanding of computer architecture - multi-threading, CPU scheduling, memory management
- Good understanding of algorithms and data structure to implement Real-time inline data processing
- Good knowledge of Linux at a systems level.
- Proven experience in data plane/data path development for security products (e.g., Firewalls, Proxies, IDPS, DPI engines).
- Strong analytical and troubleshooting skills using debuggers like gdb and tools like Valgrind.
- Hands-on experience with packet capture technologies (e.g., tcpdump, Wireshark, libpcap) for network traffic analysis and troubleshooting.
- Proponent of TDD a big plus, knowledge of various unit testing frameworks.
- Experience working within a
SASE
(Secure Access Service Edge) architecture is a major plus. -
Strong knowledge of Authentication technologies
including Identity and Access Management, SSO, SAML, OpenID, OAuth2, and MFA is a Plus.
Education
- Bachelors or Masters degree in Computer Science, Engineering or equivalent strongly preferred
#LI-VJ2
