Key skills
Linux networkingJava/Python/C++/Rust/GoDevOps leadershipInfrastructure as CodeDDoS/network securityAdvanced networkingOperational excellencePythonJavaC++CGoRustAnalyticsTerraformKubernetesOracleCI/CDLeadershipCommunicationNetwork SecurityZero Trust
About this role
NetSuite is a company under Oracle that provides cloud-based business management solutions. They are seeking a Principal Engineer to architect and deliver cloud-scale DDoS protection, leading design for high-performance detection and mitigation systems while driving automation and operational excellence.
Responsibilities:
- Lead architecture and delivery of low-latency backend services for DDoS detection, classification, and mitigation
- Define and evolve scalable data/control planes (policy, signaling, telemetry, orchestration) with strong fault isolation, resiliency, and compliance-by-design
- Own traffic engineering strategy (anycast, BGP policy, routing integration) and partner with networking, DNS, and edge platform teams
- Set operational standards: SLOs/SLAs, on-call health, incident response (including incident commander duties), runbooks, and post-incident learning
- Drive automation at scale: CI/CD strategy, test frameworks, progressive delivery (canary/blue-green), and infrastructure-as-code
- Establish robust observability (metrics, logs, traces) and capacity/scale models for high-throughput, highly available services
- Lead threat modeling, architecture reviews, and audit readiness for Tier 0 services; ensure security and privacy are embedded through the lifecycle
- Mentor engineers, influence cross-org roadmaps, and collaborate with Product, SRE, and Network Engineering from concept to GA
Requirements:
- 7–10 years building production backend systems, including 3–5 years in high-scale and/or low-latency environments
- Deep expertise in Linux networking data path and kernel-level networking (e.g., XDP, eBPF, dpdk, iptables, nftables) for traffic processing, filtering, and observability
- Proficiency in one or more: Java/Python/C++/Rust/Go (strong preference for Java for control-plane/services)
- Deep systems design expertise: concurrency, memory management, performance tuning, API design, consistency models, and distributed systems fundamentals
- Proven DevOps leadership at scale: CI/CD, automated testing, canarying, rollout/rollback, configuration management
- Strong IaC experience (e.g., Terraform) and solid cloud infrastructure fundamentals
- Domain experience in DDoS or network security services and common attack/defense patterns
- Advanced networking knowledge: TCP/IP, IPv4/IPv6, BGP, routing policy; DNS fundamentals
- Demonstrated operational excellence and observability practices (metrics, tracing, alerting)
- Expertise with anycast routing, global traffic steering, and multi-region service readiness
- Experience with SDN, programmable data planes, or hardware mitigation platforms
- Building high-rate telemetry/streaming pipelines for near-real-time detection (packet/flow analytics)
- Background in resilience engineering, chaos testing, disaster recovery, and capacity planning at hyperscale
- Containerization/orchestration (e.g., Kubernetes) and secure service-to-service communication (mTLS, policy enforcement)
- Familiarity with zero trust, segmentation, and modern security architectures; exposure to compliance frameworks and audit preparation