
Job Overview
Location: Remote
Job Type: Full-time
Category: Product Management
Date Posted: October 27, 2025
Full Job Description
📋 Description
- Own and evolve our global, multi-cloud network architecture that underpins every scan, every report, and every customer dashboard across Black Duck’s security platform. You will architect, automate, and harden the network paths that move petabytes of vulnerability and license data from thousands of customer integrations to our analytics engines and back again—sub-second latency and five-nines reliability are not aspirational; they are the baseline.
- Lead a distributed team of senior network and DevSecOps engineers, setting technical direction, mentoring on advanced routing, firewall automation, and zero-trust design patterns, and ensuring every design review raises the bar for security, performance, and cost efficiency.
- Translate complex business requirements into elegant network solutions: e.g., when a Fortune 50 customer demands isolated scanning VPCs with private connectivity back to their on-prem GitHub Enterprise, you will craft the Terraform, BGP, and IPSec templates that deliver it in days, not weeks.
- Drive continuous observability by implementing flow logs, synthetic probes, and eBPF-based telemetry that surface micro-outages before customers notice them. You will own the SLI/SLO framework and wake up proud when error budgets are rarely burned.
- Automate everything. From CI-driven firewall rule testing to self-service VPN onboarding, you will champion Infrastructure-as-Code (Terraform, Ansible, Salt) and GitOps workflows that let any engineer propose a change, see the blast radius in a pull-request plan, and ship with confidence.
- Partner with Product Security and Compliance teams to embed network-level guardrails for SOC 2 Type II, FedRAMP High, and ISO 27001 controls. You will translate auditor language into practical network segmentation, encryption-in-transit standards, and evidence automation.
- Optimize global traffic flows and cloud egress costs by tuning anycast, Cloudflare Argo, and AWS Global Accelerator paths. You will present quarterly cost-optimization reports to Finance, showing how smarter peering and reserved capacity saved six figures.
- Plan and execute zero-downtime migrations—whether moving a regional datacenter to AWS Outposts or replacing legacy firewalls with cloud-native Gateway Load Balancers—while coordinating 24×7 NOC runbooks and customer communications.
- Serve as the highest escalation point for P1 incidents, jumping on bridges, packet-sniffing with tcpdump, and publishing blameless post-mortems that turn outages into learning gold.
- Contribute to open-source tooling (e.g., upstream patches to Cilium, Calico, or FRR) and represent Black Duck at conferences, reinforcing our reputation as thought leaders in secure, scalable networking.
- Champion a culture of psychological safety where junior engineers feel empowered to question designs and senior engineers stay curious about new protocols like QUIC, HTTP/3, or eBPF-based service meshes.
- Forecast capacity 12–18 months ahead, translating product roadmap growth (new data centers, customer regions, or acquisitions) into concrete network hardware budgets and cloud reservations.
- Build disaster-recovery playbooks that prove we can lose an entire AWS region and still deliver scan results within SLA. You will run quarterly game-days, injecting chaos with Gremlin or Chaos Monkey to validate resiliency.
- Collaborate with Sales Engineering to craft bespoke network diagrams for prospects under NDA, turning complex requirements into crisp, trust-building visuals that close multi-million-dollar deals.
🎯 Requirements
- 8+ years designing and operating production networks at scale (10k+ hosts, multi-region, multi-cloud) with deep expertise in BGP, OSPF, MPLS, IPSec, and TLS 1.3.
- Demonstrated mastery of Infrastructure-as-Code using Terraform, CloudFormation, or Pulumi; you must have authored reusable modules that other teams consume.
- Hands-on experience with at least one major cloud provider (AWS, Azure, GCP) including VPC design, Transit Gateway, PrivateLink, or equivalent, plus familiarity with zero-trust frameworks (BeyondCorp, Zscaler, Cloudflare ZTNA).
- Nice-to-have: Contributions to open-source networking projects (FRR, Cilium, Envoy) or holding current certifications such as CCIE, AWS Networking Specialty, or CNCF CKS.
🏖️ Benefits
- Fully remote-first culture with quarterly in-person engineering summits in locations voted on by the team.
- Annual $3,500 professional-development stipend plus five paid “learning days” to attend conferences, pursue certifications, or hack on passion projects.
- Premium medical, dental, and vision coverage for you and dependents at no employee cost, plus 12 weeks of gender-neutral parental leave.
- Equity in a high-growth, profitable cybersecurity leader with a track record of successful IPOs and generous employee stock-purchase plans.
About Black Duck Software, Inc.
Black Duck Software provides automated solutions for managing security, license compliance, and code quality in open-source software. Its flagship platform scans applications to identify open-source components, detect known vulnerabilities, enforce license policies, and prioritize remediation. Serving development, security, and DevOps teams, the company integrates with CI/CD pipelines to deliver continuous monitoring and governance across the software supply chain. Founded in 2003 and headquartered in Burlington, Massachusetts, Black Duck became part of Synopsys in 2017 but continues to operate under its own brand, helping organizations reduce risk and accelerate secure software delivery.



