Remote Software Engineer (Security Platform, Internal PKI)

Description:

• Cloudflare is seeking a Security Platform Engineer to help provide secure infrastructure for one of the largest online platforms globally, managing extensive traffic with low latency.
• The role involves defining the vision for securing Cloudflare's services and contributing to the company's security promise.
• The Security Platform team focuses on secrets and internal certificate management, building robust infrastructure and tools for other engineering teams to deliver secure products efficiently.
• Responsibilities include building and managing a PKI for internal services, creating client-side automation tooling for short-lived certificates, promoting mTLS for service communications, executing CA rotations, and enhancing certificate key protection schemes.

Requirements:

• Candidates must have familiarity with PKI standards and their ecosystem, including X.509 and TLS.
• Experience in running an internal or public PKI with a deep understanding of its requirements and pitfalls is essential.
• Proficiency in coding, specifically in Go or Rust, is required.
• Bonus points for familiarity with SPIFFE/SPIRE or other service identity frameworks, experience with CA rotations in large environments, and working with HSMs, TPMs, or other platform TEEs.

Benefits:

• Cloudflare offers a comprehensive benefits package, including medical, dental, and vision insurance, flexible spending accounts, and global travel medical insurance.
• Financial benefits include short and long-term disability insurance, life and accident insurance, a 401(k) retirement savings plan, and an employee stock participation plan.
• Employees enjoy flexible paid time off for vacation and sick leave, along with various leave programs such as parental, pregnancy health, medical, and bereavement leave.