Airgap Networks is working on cutting edge security solutions for ransomware protection based on a Zero-Trust Isolation Platform that confines ransomware to a single device.
We are looking for experienced Principal Software Engineers with hands-on experience in network security. In-depth knowledge of network security techniques and principles such as Firewalls, Encryption (IPsec), Zero-Trust Network Access technologies and Software Defined Perimeter are required. Should be experienced in working with Linux Kernel namespaces, net-filter, IP tables and ARP-tables. Experience with open-source traffic analysis tools such as Bro/Zeek and using it for network security monitoring is required. Knowledge of cryptographic techniques such as commonly deployed ciphers, hash functions and asymmetric cryptography is a plus.
The ideal candidate also has in depth experience with networking technologies such L2 switching, L3 routing, forwarding and overlay technologies (VxLAN, GRE and Geneve). Familiarity with deep packet inspection (DPI), IDS/IPS, packet classification and visualization are a plus.
The job involves designing innovative and high performing software security solutions for enterprise ransomware protection. The candidate should be able to leverage a combination of off-the-shelf traffic analysis tools and custom code developed in-house to implement network security solutions.
The candidate is expected to work closely with the Platform, Routing and UI/Backend teams to ensure that policy enforcement and traffic visualization are consistent and represented in a meaningful manner.
10+ years software development experience in networking and security including L2/L3 switching and routing, firewall policy enforcement, secure encryption technologies and traffic analysis.
Deep understanding of current network security technologies including but not limited to ARP spoofing, Port/Vulnerability Scanning, IP tables, ARP Tables, Linux Kernel Net filter, traffic analysis with Bro and Zeek, SIEM Engines such as ELK and Splunk.
Knowledge of VPNs, Data Loss Prevention, IDS/IPS, Web proxies and Zero Trust SDP/ZTNA solutions. Knowledge of cryptographic techniques such as commonly deployed ciphers, hash functions and asymmetric cryptography is a plus.
Experience in developing software for VMWare ESX, KVM or Hyper-V.
Experience with Security Enhanced Linux (SELinux) and implementation of fine-grained Mandatory Access Controls is a plus.
Use of ELK/Splunk Analytics platform and other proprietary tools to identify threats, determine root causes and design protection mechanisms.
Ability to work with the Linux kernel TCP/IP stack and leverage key open-source technologies is a must.
Minimum 10 years of related programming experience required. Python and C programming is a must, Golang programming is a plus.
Good communication skills and a flexible mindset to work in small, focused teams and adapt products to fit customer needs.
Our engineering team is at the core of our products – connected directly to our company’s mission of providing the best defense against Ransomware. We are constantly innovating – challenging the way we, and the industry, think about ransomware protection. Our engineers don’t shy away from building products to solve problems no one has pursued before.
We define the industry, instead of waiting for directions. We need individuals who feel comfortable in ambiguity and are excited by the prospect of a challenge.
Bachelor’s or master’s degree in Computer Science or similar field
10+ years of software development experience.
Airgap Networks is an equal opportunity employer. We celebrate diversity in our workplace, and all qualified applicants will receive consideration for employment without regard to age, ancestry, color, family or medical care leave, gender identity or expression, genetic information, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran status, race, religion, sex (including pregnancy), sexual orientation, or other legally protected characteristics.
This Job Description is intended to be a general representation of the responsibilities and requirements of the job. However, the description may not be all-inclusive, and responsibilities and requirements are subject to change.