Your browser cookies must be enabled in order to apply for this job. Please contact if you need further instruction on how to do that.

Software Engineer - Network Transport Security

Engineering | San Jose, CA | Full Time

Job Description

Have you always had the itch to be part of a startup? Have you dreamt of taking on something transformational, unique and challenging that gives you a high every time? Well, you might be interested in what CloudGenix is after.

Right now in super-stealth mode, at CloudGenix we want to disrupt decades-old practices in networking. You can expect to be surrounded by super-energy folks and take on tough challenges in the networking space that have been safely shoved aside in the past.



• Lead the architecture, design and development of network transport security control plane and associated networking layers.

• Engage with system and solution architects in shaping the first version of the product from scratch.

• Be the driving force behind networking simplicity with a push towards zero-touch secure networking.



• In depth understanding of transport security requirements and solutions related to authentication/authorization, key exchange, bulk cryptography, message signing

• In depth knowledge of PKI – Certificates, Public/Private Key uses in PKI, CA validation, OCSP

• Detailed protocol level understanding and implementation experience of control and data planes with one of of SSL/TLS or IPSEC VPNs is a must

• If IPSEC VPN background then solid implementation experience with IKEv1, IKEv2, AH, ESP. Certificate based authentications

• If SSL/TLS background then solid implementation experience of TLS v1.0/v1.1/v1.2 handshake, session cache management, bi-directional certificate authentication and validation.

• 5+ years relevant experience with a BS or MS degree in relevant field.

• 3+ years as a senior/lead engineer on a VPN project/product where you drove a scalable and flawless implementation of secure connectivity between network devices.


Bonus Points:

• L3/4 Firewall implementations

• Background in freeSwan, strongSwan, Racoon, Racoon2

• Background in OpenVPN

• Kerberos based authentication

• Development under Linux environment

• Understanding of DMVPN, GETVPN, EZVPN

• HW based offload of VPN traffic on consumer class and enterprise class SoC

• Multi-core design and implementation that scales on capacity and performance vectors for encryption and decryption

• Networking protocols – BGP, OSPF and their interactions with dynamic VPN tunnels.