Uncubed
           

Systems Engineer - DDoS Protection

Cloudflare, London, UK

Help us build a better Internet


About the team

The DDoS Protection team creates software that stops some of the largest DDoS attacks in the world. Our team is split evenly across Austin, TX USA and London, UK and you would be welcome in either location. Our software is written in Rust, Go, Python, and Lua. Our data pipeline uses Kafka, PostgreSQL and ClickHouse. Our software is run within Kubernetes or on Debian Linux. We monitor using Prometheus, Kibana, and Grafana.

Our mitigation system, called Gatebot, analyses the global HTTP request logs to build a picture of website traffic and identify HTTP floods. Once detected it emplaces rules that mitigate the impact of the HTTP flood.

It is a friendly team in an exciting and critical part of a global company. Your work will have real impact protecting Cloudflare infrastructure and customer websites across every vertical and country.

About the position

We are looking for engineers who have good knowledge of HTTP and some knowledge of TCP, UDP and TLS to help us protect websites from denial-of-service attacks. These attacks are usually volumetric and range from hundreds of HTTP requests per second to millions of HTTP requests per second.

The work will focus on these HTTP floods, to maintain and evolve the existing systems that protect against them and to contribute to shaping future systems.

As you will be working within an existing team your voice will be important and will be able to influence the direction of the engineering implementation and roadmap as the team defines the engineering roadmap by sharing knowledge, experience and ideas.

You are ideally self-motivated, creative, and take pride in shipping well-crafted, maintainable code.

Responsibilities

  • Crafting software to improve our DDoS protections
  • Participating in and leading projects as an engineer, that expand our DDoS protections
  • Investigating attacks to see what we can learn and how we can make improvements
  • Investigating attacks to provide customers and internal teams with insight about the attacks
  • Monitoring and analysing logs and metrics to ensure system health
  • Working on tooling and support around our software
  • Communicating via internal and public channels about what we do, why, and how we do it
  • Handle escalations from Support or SREs, which may include out of hour support in rare cases

Examples of desirable skills and experience:

We do not require you to have all of these and a degree is not required for this role.

  • Experience with Rust, or Go
    • Or similar and with a willingness to learn Rust and Go
  • Experience with Python, or Lua
  • Advanced knowledge of core protocols for the web (TCP/IP, HTTP, HTTP/2, TLS, QUIC)
  • Awareness of regular expressions and differences between PCRE and RE2
  • Awareness of Linux networking stack and iptables
  • Experience debugging and testing your code, including avoiding false positives and running tests over sampled data
  • Understanding of performance analysis
  • Experience querying databases using SQL
  • Awareness of common types of web application vulnerabilities
  • Awareness of common web application software (Wordpress, Drupal, Magento, etc)
  • Talent for discovering anomalies in data
  • Ability to investigate and report the impact of security problems
  • Ability to communicate complex security issues and ideas to all stakeholders
  • Experience building and designing APIs

 

About Cloudflare

About us

Cloudflare is the simplest way to make websites faster, safer and smarter. Millions of websites have signed up for our service, including large enterprises, major consumer destinations, and government agencies. With offices in San Francisco and London, Cloudflare operates a highly-available global network that has security measures built into every layer and regularly clocks in lightning-fast speeds.

We're on a mission to build a better web - and we need smart, talented people to join our team. Our team works on the forefront of leading technologies including nginx, Go and Lua programming languages. We're a strong supporter of the open source community and regularly share our technology learnings at https://blog.cloudflare.com.

Want to learn more about Cloudflare? Visit Cloudflare's website.