Software Developer 4

Job Description Join OCI’s Edge Security team as a Principal Software Engineer focused on building and scaling Oracle Cloud Infrastructure’s Web Application Firewall (WAF) platform. You will lead the design and development of highly available, cloud-scale services that protect customer applications from web-based threats, automate security enforcement, and deliver advanced traffic inspection and policy management capabilities across OCI’s global infrastructure. Responsibilities Lead the architecture and delivery of cloud-scale backend services that power OCI’s Web Application Firewall (WAF), API Security, and application protection capabilities.

Design and evolve scalable policy management, rule evaluation, threat detection, bot mitigation, traffic inspection, and security analytics platforms with focus on reliability, performance, and extensibility. Build highly available distributed systems that inspect and process large volumes of HTTP/HTTPS traffic while maintaining low latency and a seamless customer experience. Drive the technical strategy for application security services, partnering with Security Engineering, Product Management, Edge Infrastructure, and Platform teams to deliver new capabilities.

Establish operational excellence through SLOs/SLAs, incident response processes, runbooks, root‑cause analysis, and continuous service improvement. Lead automation initiatives across the software development lifecycle, including CI/CD pipelines, testing frameworks, deployment automation, Infrastructure‑as‑Code, and developer productivity tooling. Mentor engineers, influence technical strategy across organizations, and raise the engineering bar through design reviews and technical leadership.

What You’ll Do Lead the architecture and delivery of cloud-scale backend services that power OCI’s Web Application Firewall (WAF) platform. Design and evolve highly available policy management, rule evaluation, traffic inspection, bot mitigation, API protection, and security analytics services. Build scalable distributed systems that process and analyze high volumes of HTTP/HTTPS traffic while maintaining low latency and high reliability.

Drive engineering excellence through software architecture reviews, design documentation, code quality standards, and operational best practices. Partner closely with Security Engineering, Product Management, SRE, and OCI platform teams to define and deliver next‑generation application security capabilities. Establish robust observability through metrics, logging, tracing, alerting, and performance monitoring to ensure service health and customer visibility.

Lead automation initiatives across the software development lifecycle, including CI/CD, testing frameworks, deployment automation, and Infrastructure‑as‑Code. Drive reliability, scalability, and operational readiness through capacity planning, incident response, root‑cause analysis, and continuous improvement. How You’ll Have Impact Deliver core WAF capabilities that protect OCI customers from application‑layer attacks while maintaining performance and availability.

Launch customer‑facing security features that provide visibility, protection, automation, and policy control at cloud scale. Improve the scalability, reliability, and operational maturity of OCI’s application security platform. Raise engineering quality and technical standards through mentorship, architectural leadership, and continuous improvement initiatives.

Ways of Working Security, privacy, and reliability by design with secure development practices embedded throughout the software lifecycle. Data‑driven decision making supported by clear metrics, SLOs, operational reviews, and measurable customer outcomes. Collaborative engineering culture focused on design reviews, code reviews, technical excellence, knowledge sharing, and continuous learning.

Preferred Qualifications Experience building or operating Web Application Firewall (WAF), API Security, Bot Management, CDN, Edge Computing, or related security products. Knowledge of common web application attack vectors, including OWASP Top 10 vulnerabilities, credential abuse, automated attacks, and API threats. Experience with rule engines, policy evaluation systems, threat detection platforms, or traffic inspection technologies.

Background building high‑throughput analytics, telemetry, or event‑processing pipelines for real‑time security insights. Experience operating globally distributed services across multiple regions and availability domains. Familiarity with modern security architectures, Zero Trust principles, identity and access management, and secure service‑to‑service communication.

Experience with compliance, audit readiness, and security‑by‑design development practices. Contributions to open‑source software, security tooling, or cloud infrastructure projects. Qualifications 7–10+ years building production software systems, including experience developing large‑scale distributed services in cloud or SaaS environments.

Strong proficiency in one or more of the following languages: Java, Go, Python, C++, or Rust. Deep expertise in distributed systems design, including scalability, resiliency, concurrency, fault tolerance, service communication, and API design. Strong understanding of HTTP/HTTPS, REST APIs, TLS, reverse proxies, caching, load balancing, and web application architectures.

Experience building customer‑facing platform services with strict requirements around availability, performance, and operational excellence. Proven experience with cloud‑native technologies, including containers, Kubernetes, CI/CD pipelines, Infrastructure‑as‑Code, and automated testing frameworks. Strong software engineering fundamentals, including design patterns, performance optimization, code quality, and secure software development practices.

Experience building observability solutions using metrics, distributed tracing, centralized logging, dashboards, and alerting systems. Demonstrated ability to lead complex technical initiatives and influence architecture decisions across multiple engineering teams. Excellent communication and collaboration skills with a track record of working effectively across engineering, security, product, and operations organizations.

Benefits Medical, dental, and vision insurance, including expert medical opinion Short‑term disability and long‑term disability Life insurance and AD&D Supplemental life insurance (Employee/Spouse/Child) Health care and dependent care Flexible Spending Accounts Pre‑tax commuter and parking benefits 401(k) Savings and Investment Plan with company match Paid time off, flexible vacation for salaried positions, accrued vacation for other employees 11 paid holidays Paid sick leave: 72 hours upon hire, refreshed annually Paid parental leave Adoption assistance Employee Stock Purchase Plan Financial planning and group legal Voluntary benefits including auto, homeowner, and pet insurance Oracle maintains broad salary ranges for its roles in order to account for variations in knowledge, skills, experience, market conditions and locations. Candidates are typically placed into the range based on the preceding factors as well as internal peer equity. Oracle US offers a comprehensive benefits package which includes the following: (list above).

Job posted open, accepting applications; role will remain posted as long as available. Oracle is an Equal Employment Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability and protected veterans’ status, or any other characteristic protected by law. #J-18808-Ljbffr