DDoS Mitigation - Software Engineer

Cloudflare, London, UK

Help us build a better Internet

About Us

At Cloudflare, we have our eyes set on an ambitious goal: to help build a better Internet. Today, Cloudflare runs one of the world’s largest distributed networks that powers more than 1.5 trillion pageviews each month across 5 million Internet properties. More than 10 percent of all global Internet requests flow through Cloudflare’s network. Cloudflare protects and accelerates any Internet application online without adding hardware, installing software, or changing a line of code.

Our customers range from Fortune 500 companies and nonprofits to small businesses and budding entrepreneurs. Every day, about 12,000 new customers sign up. We’re working to create a faster, more secure, and more reliable experience for anyone online and given the scale at which we operate, our mission is big. Our team is hard at work shaping the future of the Internet by solving some of its toughest challenges. Come join us.

About the Department

Cloudflare’s Engineering Team builds and runs the software that handles about 10% of HTTP requests on the Internet today. We also build and run the internal tools that builds and runs our software. The Engineering Team is split into two groups: one handles product development and the other handles operations. Product development covers both new features and functionality and scaling our existing software to meet the challenges of a massively growing customer base. The operations team handles one of the world’s largest networks with data centers in 102 cities worldwide.

About the Role

Do you know why a Client saying "Hello" needs an Extension but not a Ticket?

Excited when RTO gets smaller than SRTT? Puzzled to see SYN packet longer than 56 bytes? Always wanted to perform a kernel, not a heart, bypass? Worried if QUIC can be amplified? Wondering if BPF supports XOR operation?

Join us!

Cloudflare's world-famous DDoS mitigation team is looking for fresh
blood. Our key responsibilities include:

  • Making sure the 10% of the web we serve is protected from any kind of DDoS.
  • Analyzing the attacks we receive.
  • Educating the rest of the world on how to fix the DDoS.


  • Building tools to help our SRE team with day-to-day mitigations.

  • Automating L3 DDoS mitigations.

  • Automating L7 DDoS mitigations.

  • Maintaining the Kernel fork we use. That includes backporting mainline features and implementing improvements in the TCP stack.

  • Writing systemtap scripts to aid with kernel debugging.

  • Making sure our sflow and netflow on-line realtime streaming systems are up, no matter what.

  • We mostly program in C (kernel panic at EIP=0x0), Golang (wait, was that a GC spike?) and Python (pip install scapy). We do not hold pagers, although we are expected to fix our system if they crash.


  • Strong understanding of networking at at least L3 layer (what is IPID again?)

  • Strong low level debugging skills (what does tcpdump -ttttt do?)

  • Strong understanding of Linux, Unix and network stack design (Why can't you dup(2) epoll fd? How does strace work?)

  • Reasonable understanding of HTTP layer (can one send the "Host" header twice?)

  • Reasonable experience in C. Willingness to learn Golang.

What Makes Us Special

We’re not just a highly ambitious, large-scale technology company. We’re a highly ambitious, large-scale technology company with a soul. Fundamental to our mission to help build a better Internet is protecting the free and open Internet. In 2014, we launched Project Galileo, an initiative through which we partner with global NGOs to identify websites at risk of attack and provide the same state-of-the-art mitigation technology already used by Cloudflare’s enterprise customers--at no cost. Project Galileo equips politically and artistically important organizations and journalists with powerful tools to defend themselves against attacks that would otherwise censor their work.

Additionally, in 2016, we announced our partnership with Path Forward, a nonprofit organization that works with companies to create 18-week positions for mid-career professionals who want to get back to the workplace after taking time off to care for a child, parent, or loved one. With the lofty goal of shaping the future of the Internet, we’re focused on recruiting the best and the brightest, no matter what.

Cloudflare hires the best people based on an evaluation of their abilities and effectiveness.  We don't discriminate against employees on the basis of any other personal characteristic or any classification protected by federal, state or local law.

About Cloudflare

About us Cloudflare is the simplest way to make websites faster, safer and smarter. Millions of websites have signed up for our service, including large enterprises, major consumer destinations, and government agencies. With offices in San Francisco and London, Cloudflare operates a highly-available global network that has security measures built into every layer and regularly clocks in lightning-fast speeds. We're on a mission to build a better web - and we need smart, talented people to join our team. Our team works on the forefront of leading technologies including nginx, Go and Lua programming languages. We're a strong supporter of the open source community and regularly share our technology learnings at https://blog.cloudflare.com.

Want to learn more about Cloudflare? Visit Cloudflare's website.