Principal Engineer/Architect, CASB Inline
Principal Engineer/Architect, CASB Inline
Employer Active
Job Alert
You will be updated with latest job alerts via email
Share
Job Alert
You will be updated with latest job alerts via email
Job Description
About Netskope
Today theres more data and users outside the enterprise than inside causing the network perimeter as we know it to dissolve. We realized a new perimeter was needed one that is built in the cloud and follows and protects data wherever it goes so we started Netskope to redefine Cloud Network and Data Security.
Since 2012 we have built the market-leading cloud security company and an award-winning culture powered by hundreds of employees spread across offices in Santa Clara St. Louis Bangalore London Paris Melbourne Taipei and Tokyo. Our core values are openness honesty and transparency and we purposely developed our open desk layouts and large meeting spaces to support and promote partnerships collaboration and teamwork. From catered lunches and office celebrations to employee recognition events and social professional groups such as the Awesome Women of Netskope (AWON) we strive to keep work fun supportive and interactive.Visit us atNetskope Careers. Please follow us on LinkedIn and Twitter@Netskope.
Job Overview
As part of the Inline CASB team you will have a unique opportunity to work on a world-class CASB solution that provides unparalleled visibility and control for widely used enterprise applications. Netskope Cloud Data Plane engineers architect and design one of the most scalable high-performance cloud data planes in the world processing 10 Gbps of traffic.
Whats in it for you
In this role you will be working on Deep Packet Inspection (DPI) of CASB Inline traffic. You will build core functionality to intercept and inspect traffic the CASB Inline traffic which include Generative AI applications in the data path invoking essential services like DLP (Data Loss Prevention) and Threat Protection (TSS) and enforcing CASB Inline Real-Time Policies (RTP). You will be instrumental in developing state-of-the-art techniques including AI/ML to detect activities and apply advanced policies all at line rate.
This is a high-impact position for a technical leader who excels at solving challenging problems and mentoring a world-class engineering team.
If you enjoy diving deep into technical challenges to develop innovative solutions that are scalable accurate and high-performing then this role is for you.
Job Responsibilities
- Understand the various use cases and work flows for native/browser access of SaaS apps and support the app access requirements/use cases via Netskope reverse proxy solution. Also maintain & enhance the access control features for the supported SaaS apps.
- Work on re-architecting the deep packet inspection module to make it intelligent and scalable with the goal of achieving higher accuracy in activity detection across a wide range of SaaS applications.
- Work on identifying a smart scalable solution to reduce the cost of building and maintaining SaaS app connectors which are responsible for providing deeper visibility into application activities.
- Work closely with the product management team on the new apps support & to define new access control use cases.
- Involve in the complete development life cycle starting with understanding various requirements understand/define functional specs development with high efficacy/quality & measure the efficacy based on production data.
- Identify gaps in existing solutions/processes and bring in innovative ideas that help evolve the solution over time.
- Work closely with the technical support team to handle customer escalations. Analyze the product gaps that resulted in customer issues and improve the signature resiliency and test strategy.
Preferred Qualification
- Bachelors or Masters degree in Computer Science Engineering or equivalent strongly preferred.
- Minimum 15 years of work experience.
Preferred Technical Skills (must-have)
- Programming Mastery: Expert proficiency in C/C and strong experience with Python.
- Networking Protocol Expertise:
- Deep understanding of networking protocols including TCP/IP HTTP/S WebSocket DNS and TLS/SSL decryption (MITM) techniques.
- Knowledge of L3 VPNs like IPSec and Wireguard.
- Security Domain Experience (L7 & Network):
- Proven experience in data plane/data path development for security products (e.g. Firewalls Proxies IDPS DPI engines).
- Experience in network and web security technologies including Web Application Firewall (WAF) L7 Access-Policies Web Security IDP/IPS DNS-based security and L7 DDoS.
- Must Have: Experience with HTTP proxy development.
- System Architecture:
- Strong understanding of computer architecture concepts like multi-threading CPU scheduling and memory management.
- Good understanding of algorithms and data structures for implementing real-time inline data processing.
- Good hands on experience and knowledge of Linux at a systems level.
- Troubleshooting & Debugging:
- Strong analytical and troubleshooting skills using debuggers like gdb and tools like Valgrind.
- Hands-on experience with packet capture technologies (e.g. tcpdump Wireshark libpcap) for network traffic analysis and troubleshooting.
- Cloud & Containerization:
- Strong knowledge of cloud solution architectures (AWS Azure GCP).
- Direct experience with container orchestration (Kubernetes) and Container Network Interface (CNI) plugins.
- Familiarity with inter-service communication protocols in cloud environments (e.g. gRPC REST).
- Experience in a CASB ZTNA or SSE security environment.
- Contributions to open-source projects.
Additional Technical Skills
- SASE Architecture: Experience working within a SASE (Secure Access Service Edge) architecture is a major plus.
- Authentication & Access Control: Strong knowledge of Authentication technologies including Identity and Access Management SSO SAML OpenID OAuth2 and MFA.
- Generative AI (GenAI) Platforms: Familiarity with GenAI platforms and APIs and their communication patterns (e.g. OpenAI Anthropic Gemini).
- DPDK and VPP architecture knowledge is a plus.
- Testing Methodologies: A proponent of Test-Driven Development (TDD) and knowledge of various unit testing frameworks.
- Advanced Content Analysis: Experience with advanced content analysis or true file type detection.
- Inter-Service Communication: Familiarity with modern cloud protocols like gRPC and REST.
- Security Domain Experience: Experience in a CASB ZTNA or SSE security environment.
- Open-Source Contributions: A history of contributions to open-source projects.
#LI-VJ2
Netskope is committed to implementing equal employment opportunities for all employees and applicants for employment. Netskope does not discriminate in employment opportunities or practices based on religion race color sex marital or veteran statues age national origin ancestry physical or mental disability medical condition sexual orientation gender identity/expression genetic information pregnancy (including childbirth lactation and related medical conditions) or any other characteristic protected by the laws or regulations of any jurisdiction in which we operate.
Netskope respects your privacy and is committed to protecting the personal information you share with us please refer toNetskopes Privacy Policyfor more details.
Required Experience:
Staff IC
Employment Type
Full Time
