Software Engineer, Cloudflare

Security Platform, Internal PKI


+ Equity. Salary dependent on location

Junior, Mid and Senior level
Remote in US

Web performance and security platform

Open for applications


Web performance and security platform

1001+ employees

B2BEnterpriseAnalyticsSaaSCyber Security

Open for applications


+ Equity. Salary dependent on location

Junior, Mid and Senior level
Remote in US

1001+ employees

B2BEnterpriseAnalyticsSaaSCyber Security

Company mission

Cloudflare's mission is to help build a better Internet that is bold and ambitious.


Who you are

  • We are looking for curious and empathetic individuals who are committed to developing themselves and learning new skills, and we are ready to help you do that
  • Familiarity with PKI standards and their surrounding ecosystem (X.509, TLS, etc.)
  • Experience running an internal or public PKI with deep understanding of their requirements and pitfalls
  • Worked with codebases and developed in Go or Rust


  • Familiarity with SPIFFE/SPIRE or other service identity framework/standards
  • Experience executing CA rotations for a reasonably large environment
  • Worked with HSMs, TPMs, or other platform TEEs (AMD SEV, Intel SGX, Apple Secure Enclave)

What the job involves

  • As a Security Platform Engineer at Cloudflare you will help us provide a secure infrastructure for one of the biggest online platforms in the world, handling extensive amounts of traffic at very low latency
  • You will be instrumental at defining the vision to help secure Cloudflare going forward
  • Cloudflare firmly believes that security is an integral part of our product offerings, and the qualified candidate will directly contribute to delivering on that promise
  • The Security Platform team is responsible for secrets and internal certificate management at Cloudflare, and has the mandate of building powerful and robust infrastructure and tools that enable other engineering teams to deliver secure products to our customers without sacrificing development velocity
  • Build and manage the PKI that provides trusted certificates to all of our internal services with fine-grained authentication and authorization controls
  • Create and support robust client-side automation tooling to enable the use of short-lived certificates while maintaining reliability
  • Promote the use of strongly-authenticated mTLS for all service-to-service communications and work with other engineering teams to develop solutions for their use cases
  • Communicate and execute on periodic CA rotations and migration to best practices
  • Contribute to the strengthening of CA and leaf certificate key protection schemes to elevate our security profile

Otta's take

Xav Kearney headshot

Xav Kearney

CTO of Otta

Cloudflare is a multi-service global network that provides web security and infrastructure, DDoS mitigation services, and a content delivery network. Founded in 2009, Cloudflare has risen to become an industry giant, with around 25 million global internet properties on its network.

Cloudflare has been responsible for a number of admirable initiatives, offering free web protection to human rights groups, journalists, artists, and US election websites. This goes some way to counteracting the flak Cloudflare has received in some circles for the controversial groups and users who use its services. This chequered history, however, has not affected its over 80% market share in the content delivery network field.

This is perhaps in part because it has proven sharp at staying abreast of the rapidly morphing tech and digital space and customer demands. For example, Cloudflare is shifting to 100% renewable energy usage to create a zero-emissions internet, and in 2020 released a feature that would help users navigate data privacy regulations by selecting where their data is stored.

The cloud infrastructure market reached $53 billion in 2022. While the Big 3 (Amazon, Microsoft, and Google) own 65% of the market, that still leaves billions of dollars left for companies such as Cloudflare. Its ambitious and successful work is likely to continue being a crucial feature of the web, but in 2023, placed it in the crosshairs of hackers looking to exploit its infrastructure. The beginning of 2024 saw Cloudflare vow to bolster its security and patch vulnerabilities.


Led by a woman

Some candidates hear
back within 2 weeks

16% employee growth in 12 months


Company benefits

  • Minimum 8 weeks of paid parental leave
  • Equal opportunity employer
  • Unlimited paid time off policy
  • Work from home opportunities
  • Medical, Dental & Vision Insurance
  • Life Insurance, Disability Insurance
  • 401(k) plans
  • Family planning and fertility program
  • Gym discounts
  • Commuter Benefits Program

Company values

  • Principled - We create our products and features with a global mindset and democratize important and innovative technologies that drive adoption of the latest standards
  • Curious - Our team is made up of pioneering innovators that approach new challenges with interest and a desire to learn
  • Transparent - We hold ourselves accountable when we make mistakes—and we do everything we can to learn from them

Company HQ

China Basin, San Francisco, CA


Lee Holloway

(Lead Engineer)

Lee started their career as an Engineer at Homewarehouse for a year before working at Unspam Technologies for 4 years. They co-created Project Honey Pot in 2004 and Cloudflare in March 2009, serving as Lead Engineer of both to present.

Michelle Zatlyn

(President & COO)

Having worked for Investor Economics and I Love Rewards for a combined 4 years, Michelle worked at Toshiba for 3 years as a Product Manager. She then co-founded Cloudflare in 2009 as COO, and has served as President since 2020. She is also a Board Member at Atlassian.

Matthew studied for an MBA at Harvard Business School before co-founding Unspam Technologies in December 2001, and Cloudflare as CEO in March 2009.

Share this job

View 109 more jobs at Cloudflare