Job Details
Principal Network Developer
**Job Description**
The IES Application Security Edge Network team designs, builds, and operates the L4-L7 load balancing estate that underpins our SaaS and tenant environments across OCI, including US Government and Federal regions. You will architect, automate,
and operate highly available load balancing services (LBaaS), web application delivery, and traffic management at scale-ensuring "Site UP" through reliability, performance, security, and cost efficiency. As part of a high-impact team of Network
Development Engineers and Network Services Engineers, you'll lead modernization and migration to next-gen OCI networking with a deep focus on application delivery, traffic engineering, and observability.
Ideal Candidate
You're a data-driven problem solver who thrives on simplifying complex systems. You believe in automation first, security-by-design, and measurable outcomes. You're pragmatic, curious, and customer-obsessed-with a passion for building resilient L4-L7 services at scale.
Role-Specific Responsibilities (Load Balancing Focus):
- Design, migrate, and support OCI-native and multi-cloud load balancing services (OCI LBaaS, API Gateway, WAF, DNS steering), including US Government and Federal environments.
- Architect and deliver Virtual Cloud Network (VCN) integrations for global SaaS and GIU tenants, focusing on edge and internal application delivery, zero-downtime cutovers, and blue/green traffic shifting.
- Engineer L4-L7 policies: TLS termination/offload, mTLS, SNI, cipher/hardening, HTTP/2/3, header and cookie-based routing, gRPC, URL rewriting, health checks, connection pooling, and keepalive tuning.
- Implement and manage global and regional traffic distribution: anycast/GSLB/DNS-based traffic steering, failover policies, origin health, weighted routing, geolocation, and proximity policies.
- Integrate WAF/bot mitigation, DDoS protections, and rate limiting with LB data paths; enforce security posture through least privilege, secrets management, and certificate lifecycle automation.
- Lead CSSAP documentation and reviews for L4-L7 components; guide GIUs, Oracle Health, and AI teams to meet compliance, FedRAMP/FISMA-aligned controls, and audit requirements.
- Build Infrastructure as Code (IaC) for LB services (Terraform/Shepherd), including reusable modules, versioned policies, and automated change validation and rollbacks.
- Define SLOs/SLAs/OLAs for LB availability, latency, and error budgets; implement telemetry, KPIs, and OKRs across capacity, performance, and security.
- Drive incident reduction via RCA/Problem Management; lead change and release reviews for LB and edge network components.
- Partner with application and platform teams to translate system demands (throughput, RPS, connection concurrency, TLS handshakes) into scalable LB designs and capacity models.
- Own certificate, key, and secret lifecycle for public and private endpoints; integrate with PKI/HSM as required.
- Evaluate new LB features/releases and standardize patterns for Live Site adoption (e.g., HTTP/3/QUIC, advanced health algorithms, adaptive routing).
- Lead automation and innovation workshops on LBaaS patterns, policy-as-code, and self-service enablement.
**Responsibilities**
Required Qualifications
- US citizenship and successful federal background check (e.g., SF-85) required.
- Bachelor's in Computer Science or related field, or equivalent practical experience.
- 3+ years engineering and operating carrier-grade or web-scale networked services, with direct ownership of L4-L7/load balancing or application delivery systems.
- 3+ years hands-on with Virtual Cloud Networks in OCI/Azure/AWS/GCP; strong understanding of cloud-native LBaaS constructs and service insertion patterns.
- Expert-level lifecycle management for cloud/network platforms with robust documentation of designs, configurations, and MOPs/rollback plans.
- Advanced IaC with Terraform and Shepherd; proficiency with Git-based workflows (branching, PRs, code review).
- Deep knowledge of IP/BGP/EGP/MPLS/OSPF/IS-IS/IPsec/NAT and their interaction with edge/LB designs (anycast, VIP advertising, HA).
- Strong L4-L7 protocol expertise: TCP/UDP tuning, TLS/SSL, HTTP/HTTPS, HTTP/2/3, DNS, SMTP, SSH; able to analyze packet flows, latency sources, and handshake performance.
- Advanced automation using a combination of Python, Ansible, Chef, Docker, Terraform, Shepherd, JSON, REST/iControl/iControlRest, Bash, and YAML.
- Proven experience with IaaS, PaaS, SaaS, and especially LBaaS-design, operations, and troubleshooting at scale.
- Advanced capacity management for LBs: connection concurrency, RPS, certificate/TLS CPU sizing, autoscaling strategies, performance optimization.
- Familiarity with observability for LBs: defining KPIs/SLOs, synthetic health, logs/metrics/traces, and alert thresholds for new services.
Additional Preferred Skills and Experience
- 3+ years cloud network service design/management with emphasis on L4-L7 and application delivery controllers (ADC).
- Experience with OCI Load Balancer, OCI WAF, DNS Traffic Steering; plus familiarity with F5 BIG-IP/TMOS, NGINX/NGINX Plus, HAProxy, Envoy, or cloud-native gateway controllers.
- Experience with certificate and key management at scale (ACME automation, PKI, HSM/KMS integration), and TLS policy governance.
- Hands-on with Linux/Unix; performance tuning for user space/kernel networking (e.g., SO_REUSEPORT, Epoll, TCP settings).
- Experience integrating LBs with CI/CD pipelines; policy-as-code, config validation/testing, canary/blue-green, and progressive delivery.
- Experience with Agile/Scrum; change and release management best practices for Live Site.
- Experience translating Incident ? Problem via automation, defect cataloging, data warehousing, and analytics; practical use of APEX, Oracle BI, Grafana, or Power BI.
- Proficiency with IPAM/DNS tooling (BlueCat/Infoblox/IP Control) and automation.
- Demonstrated ability to define and measure OKRs, KPIs, OLAs, and SLAs specific to application delivery and edge services.
- Experience with databases (Oracle Autonomous Database, SQL Server, MySQL, PL/SQL) for analytics/metadata and reporting pipelines is a plus.
Security, Compliance, and Best Practices
- Embed security and privacy by design; align with Oracle security standards and regulatory obligations.
- Ensure changes follow gated reviews, automated testing, and auditable approvals.
- Maintain least-privilege access, secrets hygiene, and configuration drift controls.
Disclaimer:
**Certain US customer or client-facing roles may be required to comply with applicable requirements, such as immunization and occupational health mandates.**
**Range and benefit information provided in this posting are specific to the stated locations only**
US: Hiring Range in USD from: $109,200 to $223,400 per annum. May be eligible for bonus and equity.
Oracle maintains broad salary ranges for its roles in order to account for variations in knowledge, skills, experience, market conditions and locations, as well as reflect Oracle's differing products, industries and lines of business.
Candidates are typically placed into the range based on the preceding factors as well as internal peer equity.
Oracle US offers a comprehensive benefits package which includes the following:
1. Medical, dental, and vision insurance, including expert medical opinion
2. Short term disability and long term disability
3. Life insurance and AD&D
4. Supplemental life insurance (Employee/Spouse/Child)
5. Health care and dependent care Flexible Spending Accounts
6. Pre-tax commuter and parking benefits
7. 401(k) Savings and Investment Plan with company match
8. Paid time off: Flexible Vacation is provided to all eligible employees assigned to a salaried (non-overtime eligible) position. Accrued Vacation is provided to all other employees eligible for vacation benefits. For employees working at least 35 hours per week, the vacation accrual rate is 13 days annually for the first three years of employment and 18 days annually for subsequent years of employment. Vacation accrual is prorated for employees working between 20 and 34 hours per week. Employees working fewer than 20 hours per week are not eligible for vacation.
9. 11 paid holidays
10. Paid sick leave: 72 hours of paid sick leave upon date of hire. Refreshes each calendar year. Unused balance will carry over each year up to a maximum cap of 112 hours.
11. Paid parental leave
12. Adoption assistance
13. Employee Stock Purchase Plan
14. Financial planning and group legal
15. Voluntary benefits including auto, homeowner and pet insurance
The role will generally accept applications for at least three calendar days from the posting date or as long as the job remains posted.
Career Level - IC4
**About Us**
Only Oracle brings together the data, infrastructure, applications, and expertise to power everything from industry innovations to life-saving care. And with AI embedded across our products and services, we help customers turn that promise into a better future for all. Discover your potential at a company leading the way in AI and cloud solutions that impact billions of lives.
True innovation starts when everyone is empowered to contribute. That's why we're committed to growing a workforce that promotes opportunities for all with competitive benefits that support our people with flexible medical, life insurance, and retirement options. We also encourage employees to give back to their communities through our volunteer programs.
We're committed to including people with disabilities at all stages of the employment process. If you require accessibility assistance or accommodation for a disability at any point, let us know by emailing accommodation-request_mb@oracle.com or by calling 1-888-404-2494 in the United States.
Oracle is an Equal Employment Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability and protected veterans' status, or any other characteristic protected by law. Oracle will consider for employment qualified applicants with arrest and conviction records pursuant to applicable law.
The IES Application Security Edge Network team designs, builds, and operates the L4-L7 load balancing estate that underpins our SaaS and tenant environments across OCI, including US Government and Federal regions. You will architect, automate,
and operate highly available load balancing services (LBaaS), web application delivery, and traffic management at scale-ensuring "Site UP" through reliability, performance, security, and cost efficiency. As part of a high-impact team of Network
Development Engineers and Network Services Engineers, you'll lead modernization and migration to next-gen OCI networking with a deep focus on application delivery, traffic engineering, and observability.
Ideal Candidate
You're a data-driven problem solver who thrives on simplifying complex systems. You believe in automation first, security-by-design, and measurable outcomes. You're pragmatic, curious, and customer-obsessed-with a passion for building resilient L4-L7 services at scale.
Role-Specific Responsibilities (Load Balancing Focus):
- Design, migrate, and support OCI-native and multi-cloud load balancing services (OCI LBaaS, API Gateway, WAF, DNS steering), including US Government and Federal environments.
- Architect and deliver Virtual Cloud Network (VCN) integrations for global SaaS and GIU tenants, focusing on edge and internal application delivery, zero-downtime cutovers, and blue/green traffic shifting.
- Engineer L4-L7 policies: TLS termination/offload, mTLS, SNI, cipher/hardening, HTTP/2/3, header and cookie-based routing, gRPC, URL rewriting, health checks, connection pooling, and keepalive tuning.
- Implement and manage global and regional traffic distribution: anycast/GSLB/DNS-based traffic steering, failover policies, origin health, weighted routing, geolocation, and proximity policies.
- Integrate WAF/bot mitigation, DDoS protections, and rate limiting with LB data paths; enforce security posture through least privilege, secrets management, and certificate lifecycle automation.
- Lead CSSAP documentation and reviews for L4-L7 components; guide GIUs, Oracle Health, and AI teams to meet compliance, FedRAMP/FISMA-aligned controls, and audit requirements.
- Build Infrastructure as Code (IaC) for LB services (Terraform/Shepherd), including reusable modules, versioned policies, and automated change validation and rollbacks.
- Define SLOs/SLAs/OLAs for LB availability, latency, and error budgets; implement telemetry, KPIs, and OKRs across capacity, performance, and security.
- Drive incident reduction via RCA/Problem Management; lead change and release reviews for LB and edge network components.
- Partner with application and platform teams to translate system demands (throughput, RPS, connection concurrency, TLS handshakes) into scalable LB designs and capacity models.
- Own certificate, key, and secret lifecycle for public and private endpoints; integrate with PKI/HSM as required.
- Evaluate new LB features/releases and standardize patterns for Live Site adoption (e.g., HTTP/3/QUIC, advanced health algorithms, adaptive routing).
- Lead automation and innovation workshops on LBaaS patterns, policy-as-code, and self-service enablement.
**Responsibilities**
Required Qualifications
- US citizenship and successful federal background check (e.g., SF-85) required.
- Bachelor's in Computer Science or related field, or equivalent practical experience.
- 3+ years engineering and operating carrier-grade or web-scale networked services, with direct ownership of L4-L7/load balancing or application delivery systems.
- 3+ years hands-on with Virtual Cloud Networks in OCI/Azure/AWS/GCP; strong understanding of cloud-native LBaaS constructs and service insertion patterns.
- Expert-level lifecycle management for cloud/network platforms with robust documentation of designs, configurations, and MOPs/rollback plans.
- Advanced IaC with Terraform and Shepherd; proficiency with Git-based workflows (branching, PRs, code review).
- Deep knowledge of IP/BGP/EGP/MPLS/OSPF/IS-IS/IPsec/NAT and their interaction with edge/LB designs (anycast, VIP advertising, HA).
- Strong L4-L7 protocol expertise: TCP/UDP tuning, TLS/SSL, HTTP/HTTPS, HTTP/2/3, DNS, SMTP, SSH; able to analyze packet flows, latency sources, and handshake performance.
- Advanced automation using a combination of Python, Ansible, Chef, Docker, Terraform, Shepherd, JSON, REST/iControl/iControlRest, Bash, and YAML.
- Proven experience with IaaS, PaaS, SaaS, and especially LBaaS-design, operations, and troubleshooting at scale.
- Advanced capacity management for LBs: connection concurrency, RPS, certificate/TLS CPU sizing, autoscaling strategies, performance optimization.
- Familiarity with observability for LBs: defining KPIs/SLOs, synthetic health, logs/metrics/traces, and alert thresholds for new services.
Additional Preferred Skills and Experience
- 3+ years cloud network service design/management with emphasis on L4-L7 and application delivery controllers (ADC).
- Experience with OCI Load Balancer, OCI WAF, DNS Traffic Steering; plus familiarity with F5 BIG-IP/TMOS, NGINX/NGINX Plus, HAProxy, Envoy, or cloud-native gateway controllers.
- Experience with certificate and key management at scale (ACME automation, PKI, HSM/KMS integration), and TLS policy governance.
- Hands-on with Linux/Unix; performance tuning for user space/kernel networking (e.g., SO_REUSEPORT, Epoll, TCP settings).
- Experience integrating LBs with CI/CD pipelines; policy-as-code, config validation/testing, canary/blue-green, and progressive delivery.
- Experience with Agile/Scrum; change and release management best practices for Live Site.
- Experience translating Incident ? Problem via automation, defect cataloging, data warehousing, and analytics; practical use of APEX, Oracle BI, Grafana, or Power BI.
- Proficiency with IPAM/DNS tooling (BlueCat/Infoblox/IP Control) and automation.
- Demonstrated ability to define and measure OKRs, KPIs, OLAs, and SLAs specific to application delivery and edge services.
- Experience with databases (Oracle Autonomous Database, SQL Server, MySQL, PL/SQL) for analytics/metadata and reporting pipelines is a plus.
Security, Compliance, and Best Practices
- Embed security and privacy by design; align with Oracle security standards and regulatory obligations.
- Ensure changes follow gated reviews, automated testing, and auditable approvals.
- Maintain least-privilege access, secrets hygiene, and configuration drift controls.
Disclaimer:
**Certain US customer or client-facing roles may be required to comply with applicable requirements, such as immunization and occupational health mandates.**
**Range and benefit information provided in this posting are specific to the stated locations only**
US: Hiring Range in USD from: $109,200 to $223,400 per annum. May be eligible for bonus and equity.
Oracle maintains broad salary ranges for its roles in order to account for variations in knowledge, skills, experience, market conditions and locations, as well as reflect Oracle's differing products, industries and lines of business.
Candidates are typically placed into the range based on the preceding factors as well as internal peer equity.
Oracle US offers a comprehensive benefits package which includes the following:
1. Medical, dental, and vision insurance, including expert medical opinion
2. Short term disability and long term disability
3. Life insurance and AD&D
4. Supplemental life insurance (Employee/Spouse/Child)
5. Health care and dependent care Flexible Spending Accounts
6. Pre-tax commuter and parking benefits
7. 401(k) Savings and Investment Plan with company match
8. Paid time off: Flexible Vacation is provided to all eligible employees assigned to a salaried (non-overtime eligible) position. Accrued Vacation is provided to all other employees eligible for vacation benefits. For employees working at least 35 hours per week, the vacation accrual rate is 13 days annually for the first three years of employment and 18 days annually for subsequent years of employment. Vacation accrual is prorated for employees working between 20 and 34 hours per week. Employees working fewer than 20 hours per week are not eligible for vacation.
9. 11 paid holidays
10. Paid sick leave: 72 hours of paid sick leave upon date of hire. Refreshes each calendar year. Unused balance will carry over each year up to a maximum cap of 112 hours.
11. Paid parental leave
12. Adoption assistance
13. Employee Stock Purchase Plan
14. Financial planning and group legal
15. Voluntary benefits including auto, homeowner and pet insurance
The role will generally accept applications for at least three calendar days from the posting date or as long as the job remains posted.
Career Level - IC4
**About Us**
Only Oracle brings together the data, infrastructure, applications, and expertise to power everything from industry innovations to life-saving care. And with AI embedded across our products and services, we help customers turn that promise into a better future for all. Discover your potential at a company leading the way in AI and cloud solutions that impact billions of lives.
True innovation starts when everyone is empowered to contribute. That's why we're committed to growing a workforce that promotes opportunities for all with competitive benefits that support our people with flexible medical, life insurance, and retirement options. We also encourage employees to give back to their communities through our volunteer programs.
We're committed to including people with disabilities at all stages of the employment process. If you require accessibility assistance or accommodation for a disability at any point, let us know by emailing accommodation-request_mb@oracle.com or by calling 1-888-404-2494 in the United States.
Oracle is an Equal Employment Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability and protected veterans' status, or any other characteristic protected by law. Oracle will consider for employment qualified applicants with arrest and conviction records pursuant to applicable law.
Job #NLX288612856