Key skills
TypeScriptGoRubyAIRailsKubernetesGKEIstioService MeshCloudflareSDLCPrototypingWAF
About this role
Persona is a configurable identity platform designed for businesses navigating a digital-first world. They are seeking a Software Engineer to join their Edge team, where the role involves owning edge networking configuration, evolving the ingress layer for reliable traffic handling, and building network-layer observability to enhance performance and client outcomes.
Responsibilities:
- Own edge networking configuration: routing, WAF policy, rate limiting, certificate management, driving toward a model where engineers ship traffic changes without waiting on infra. We use Cloudflare extensively but not exclusively
- Evolve the ingress layer (controllers, lifecycle, policy, Ingress API) so inbound traffic is reliable, observable, and self-service
- Manage DNS across internal clusters and external zones so name resolution is invisible by design
- Build network-layer observability: latency, error rates, routing visibility that surfaces problems before they become incidents
- Support Persona's regional expansion by extending networking into new geographies and ensuring regional expansion is scalable, performant, and maintainable
- Help define the team's practices and technical standards. This team is new, and you'll shape what it looks like — from SDLC, usage of AI tooling, static analysis, chaos engineering, and usage of simulation. We are serious about encoding top-quality engineering practices into the team’s DNA — and you will be core to their development
Requirements:
- Experience building and shipping production services in a polyglot environment (Go, TypeScript, or similar). You should enjoy the pros/cons of different languages — a zealot is unlikely to enjoy working in our garden
- Experience diagnosing production issues at the network layer, including understanding how proxies and load balancers can obscure the real source of a problem. You should enjoy deep, methodical investigatory work — but also have the chops to quickly take on triage and solutioning should an emergency arise
- Kubernetes networking in practice: ingress controllers, DNS, network policies, not just running workloads
- Manages infrastructure as code in practice, not just in principle. Change safety and governance should be a feature not a bug — and you enjoy designing those processes so they appear low-friction while having real teeth
- Experience building internal platforms or tools with a track record of driving adoption across engineering teams. We love OSS and hope to continue contributing, but we also need to unblock ourselves today when external tools fall short
- Cloudflare (Workers, WAF, Access, or Tunnel)
- Istio or another service mesh in a multi-cluster environment
- GKE or managed Kubernetes at scale
- Ruby or Rails (we integrate with Ruby systems)
- A “hacker's heart” for prototyping new ideas and ways of operating — even though experimentation might not progress beyond the toy phase