Principal Engineer on Cloudflare's Cloudforce One threat operations team. Architect and build large-scale distributed systems for threat detection, intelligence, and abuse mitigation across the global network, Kubernetes, and edge platforms. Requires 15+ years cybersecurity and 10+ years distributed systems experience.
Salary not listed
Hybrid15+ YOESecurity Engineering
About the role
Responsibilities
Drive architectural direction and technical strategy across Cloudforce One engineering, spanning services that run in Kubernetes, on the edge (Workers, D1), and across Cloudflare's global network.
Identify and dismantle technical bottlenecks, legacy patterns, and architectural debt that slow down threat detection and abuse response — then replace them with systems that are faster, more reliable, and more elegant.
Design and build critical data pipelines and services to collect, enrich, analyze, and expose threat intelligence and abuse signals at massive scale, helping identify Tactics, Techniques, and Procedures (TTPs) and Indicators of Compromise (IOCs).
Serve as a technical force multiplier across multiple concurrent projects — context-switch between threat intelligence platforms, abuse detection systems, legal response tooling, and customer-facing security products as priorities demand.
Bring a threat-informed perspective to engineering decisions: understand how adversaries adapt, how detection rules degrade, and how to build systems that stay ahead of evolving attack techniques.
Collaborate with Threat Intelligence researchers, Trust & Safety analysts, Product, Legal, and other engineering teams to translate complex security and compliance requirements into scalable, production-grade solutions.
Mentor and elevate the engineering talent around you — set the bar for code quality, system design, operational rigor, and security-first thinking across both organizations.
Develop and champion agentic AI workflows and AI-assisted development practices that accelerate threat hunting, detection engineering, and abuse investigation.
Own the operational excellence of the systems you touch, including participation in on-call rotations and incident response.
Requirements
15+ years of cyber security experience with an emphasis on building systems to present adversarial trends and techniques both as an internal reputational service and a product facing analyst service.
10+ years of experience building and operating large-scale distributed systems in production, with demonstrated expertise in complex system architecture and design.
Deep, hands-on proficiency in Go and/or TypeScript, with production experience deploying services in Kubernetes and on edge computing platforms (e.g., Cloudflare Workers, D1/SQLite-at-the-edge).
Subject matter expertise in threat intelligence, adversarial analysis, or detection engineering — understand the Cyber Kill Chain, know how to track TTPs, and can reason about attacker infrastructure at scale.
Proven ability to work across organizational boundaries and lead technical initiatives that span multiple teams, codebases, and problem domains simultaneously.
Experience with AI-assisted development and agentic AI workflows.
Strong architectural judgment — know when to build, when to refactor, and when to burn it down and start over.
Experience designing and operating critical data pipelines (Kafka, Temporal, or similar) and working with SQL databases (PostgreSQL) and caching layers (Redis) at scale.
Excellent communication skills — explain a complex system design to a VP and debug a race condition with a junior engineer in the same afternoon.
A track record as a disruptor: fundamentally improving how a team, system, or organization operates, not just shipping features.
Nice-to-Haves
Experience in the Trust & Safety or platform abuse domain — phishing detection, malware analysis, fraud prevention, or content moderation at scale.
Proficiency in writing detection rules using YARA, Snort, or similar detection languages.
Experience analyzing adversary TTPs across web-based threat vectors, including phishing obfuscation techniques (HTML encoding, JavaScript redirects, Base64, embedded scripts).
Familiarity with Rust.
Experience with Terraform and infrastructure-as-code practices.
Prior experience building threat intelligence platforms, IOC distribution systems, or automated mitigation pipelines.
Experience with React for internal tooling and analyst-facing applications.
Deep understanding of DNS, TLS/SSL, HTTP, and web security standards.
This role is eligible to participate in Cloudflare’s equity plan.
Principal Security Engineer responsible for setting the bar for software security excellence at Block. Defines multi-year technical strategy, leads development of high-leverage security solutions and infrastructure across business units, drives Secure by Design culture, and mentors InfoSec teams. Requires 10+ years shipping production software with 5+ years scaling security practices.
319k – 479k
On-site10+ YOESecurity Engineering
Principal Network Architect
CommandLinkUnited States
Principal-level network architect to design, expand, and commercialize private connectivity, cloud interconnect, and transport services. Own edge deployments, carrier negotiations, and product packaging for a fully remote infrastructure role.
180k – 250k
Remote7+ YOESecurity Engineering
Principal Architect-Network
ReltioUnited States
Principal Architect defining end-to-end architecture for a multi-tenant cloud-native SaaS data platform. Sets vision across cloud infrastructure, data streaming, AI/ML integration, security, and developer experience while mentoring senior engineers and influencing C-suite decisions.
Salary not listed
Remote20+ YOESecurity Engineering
Principal Security Engineer, Data Security
UpstartUnited States
Principal-level security engineer defining infrastructure security strategy and leading cross-functional efforts to secure cloud, Kubernetes, and developer platforms at scale.
191k – 264k
Remote8+ YOESecurity Engineering
Principal Infrastructure Security Engineer
CrusoeSan Francisco, CA
Lead security architecture for Crusoe's AI cloud infrastructure, driving zero-trust adoption, workload identity, supply chain security, and hardware-to-software protections at hyperscale. Requires 12+ years infrastructure security experience at a major cloud provider.