# Principal Engineer

**Company:** [Cloudflare](https://hotfix.jobs/companies/cloudflare)
**Location:** Unspecified
**Role:** Security Engineering
**Experience:** 15+ years
**Skills:** Go, TypeScript, Kubernetes, Cloudflare Workers, Threat Intelligence, Detection Engineering, Distributed Systems, Kafka, Postgres, Redis, AI Workflows, Terraform, Yara, Rust, React
**Posted:** 2026-06-29

> Principal Engineer on Cloudflare's Cloudforce One threat operations team. Architect and build large-scale distributed systems for threat detection, intelligence, and abuse mitigation across the global network, Kubernetes, and edge platforms. Requires 15+ years cybersecurity and 10+ years distributed systems experience.

## Job Description

## Responsibilities
- Drive architectural direction and technical strategy across Cloudforce One engineering, spanning services that run in Kubernetes, on the edge (Workers, D1), and across Cloudflare's global network.
- Identify and dismantle technical bottlenecks, legacy patterns, and architectural debt that slow down threat detection and abuse response — then replace them with systems that are faster, more reliable, and more elegant.
- Design and build critical data pipelines and services to collect, enrich, analyze, and expose threat intelligence and abuse signals at massive scale, helping identify Tactics, Techniques, and Procedures (TTPs) and Indicators of Compromise (IOCs).
- Serve as a technical force multiplier across multiple concurrent projects — context-switch between threat intelligence platforms, abuse detection systems, legal response tooling, and customer-facing security products as priorities demand.
- Bring a threat-informed perspective to engineering decisions: understand how adversaries adapt, how detection rules degrade, and how to build systems that stay ahead of evolving attack techniques.
- Collaborate with Threat Intelligence researchers, Trust & Safety analysts, Product, Legal, and other engineering teams to translate complex security and compliance requirements into scalable, production-grade solutions.
- Mentor and elevate the engineering talent around you — set the bar for code quality, system design, operational rigor, and security-first thinking across both organizations.
- Develop and champion agentic AI workflows and AI-assisted development practices that accelerate threat hunting, detection engineering, and abuse investigation.
- Own the operational excellence of the systems you touch, including participation in on-call rotations and incident response.

## Requirements
- 15+ years of cyber security experience with an emphasis on building systems to present adversarial trends and techniques both as an internal reputational service and a product facing analyst service.
- 10+ years of experience building and operating large-scale distributed systems in production, with demonstrated expertise in complex system architecture and design.
- Deep, hands-on proficiency in Go and/or TypeScript, with production experience deploying services in Kubernetes and on edge computing platforms (e.g., Cloudflare Workers, D1/SQLite-at-the-edge).
- Subject matter expertise in threat intelligence, adversarial analysis, or detection engineering — understand the Cyber Kill Chain, know how to track TTPs, and can reason about attacker infrastructure at scale.
- Proven ability to work across organizational boundaries and lead technical initiatives that span multiple teams, codebases, and problem domains simultaneously.
- Experience with AI-assisted development and agentic AI workflows.
- Strong architectural judgment — know when to build, when to refactor, and when to burn it down and start over.
- Experience designing and operating critical data pipelines (Kafka, Temporal, or similar) and working with SQL databases (PostgreSQL) and caching layers (Redis) at scale.
- Excellent communication skills — explain a complex system design to a VP and debug a race condition with a junior engineer in the same afternoon.
- A track record as a disruptor: fundamentally improving how a team, system, or organization operates, not just shipping features.

## Nice-to-Haves
- Experience in the Trust & Safety or platform abuse domain — phishing detection, malware analysis, fraud prevention, or content moderation at scale.
- Proficiency in writing detection rules using YARA, Snort, or similar detection languages.
- Experience analyzing adversary TTPs across web-based threat vectors, including phishing obfuscation techniques (HTML encoding, JavaScript redirects, Base64, embedded scripts).
- Familiarity with Rust.
- Experience with Terraform and infrastructure-as-code practices.
- Prior experience building threat intelligence platforms, IOC distribution systems, or automated mitigation pipelines.
- Experience with React for internal tooling and analyst-facing applications.
- Deep understanding of DNS, TLS/SSL, HTTP, and web security standards.

This role is eligible to participate in Cloudflare’s equity plan.

## Similar roles

- [Principal Security Engineer](https://hotfix.jobs/jobs/40a2458a-4a6c-488f-9347-eec2d58c26c2) - Square - California - $319k – $479k/yr
- [Principal Network Architect](https://hotfix.jobs/jobs/02f4a45c-714e-44e7-9877-788f106ac0dc) - CommandLink - Remote - $180k – $250k/yr
- [Principal Architect-Network](https://hotfix.jobs/jobs/5581ec57-7724-42e8-bac8-d492469fe568) - Reltio - Remote
- [Principal Security Engineer, Data Security](https://hotfix.jobs/jobs/66269b15-50ad-41f1-a864-a184462bfff5) - Upstart - Remote - $191k – $264k/yr
- [Principal Infrastructure Security Engineer](https://hotfix.jobs/jobs/fdaecf48-c221-4556-b4cf-722bfc4d05ed) - Crusoe - San Francisco, CA - $280k – $330k/yr

**Apply:** https://hotfix.jobs/jobs/46a4afc9-5345-4be5-bd6e-c57f0523c032
**Canonical:** https://hotfix.jobs/jobs/46a4afc9-5345-4be5-bd6e-c57f0523c032