Principal Tetragon Software Engineer
About the role
Tetragon is a flexible, Kubernetes-aware observability and security tool that delivers real-time insights and enforcement. As a Principal Engineer, you will guide architectural direction while staying deeply engaged in building the systems that power our platform.
Responsibilities
- Develop high-quality Go (and eBPF) code for the Tetragon project.
- Extend Tetragon capabilities to mitigate security vulnerabilities.
- Examples include: Enhance Tetragon to better understand and control the execution flow of native (e.g., written in C/C++) or runtime-based (Java, Python, Go, etc.) applications.
- Enhance Tetragon capabilities to filter malicious network packets that can trigger vulnerabilities in applications / systems.
- Enhance Tetragon, and potentially the kernel and the eBPF sub-system, to mitigate against kernel-level vulnerabilities.
- Design and optimize systems to deploy and manage Tetragon across large fleets, in K8s or other environments (VMs).
- Architect infrastructure that converts raw event data into intelligence streams with minimal performance overhead.
- Partner across teams to align requirements, define integration points, and deliver production-ready solutions.
- Contribute to open-source projects and represent Cisco Isovalent in community discussions.
- Participate in architecture reviews, code reviews, and documentation.
Requirements
- Bachelors + 15 years of related experience, or Masters + 12 years of related experience, or PhD + 8 years of related experience or equivalent experience
- 10+ years of experience in systems programming (C, C++, Go, Rust, or similar; Tetragon is primarily written in Go)
- Proven experience leading technical direction or architecture for runtime security systems, observability, or similar
- Experience in OS-level development, distributed systems, or database systems
- Experience in debugging and performance optimization with a track record of delivering scalable systems
Qualifications
- Experience building eBPF-based systems for observability or security use cases
- Solid background in Linux systems and kernel-level concepts
- Familiarity with Kubernetes and cloud-native environments
- Familiarity with CVE workflows, vulnerability data pipelines, or security event modeling
- Familiarity with how vulnerable software is exploited at all levels
- Strong experience in networking protocol analysis or experience in developing networking switches (e.g., L2/L3 protocols like ARP, DHCP, SNMP)
- Contributions to open-source projects in networking, observability, or distributed systems
- Experience working across diverse, distributed teams
Skills
- Proficiency in Go and eBPF
- Experience with Kubernetes and cloud-native environments
- Knowledge of Linux systems and kernel-level concepts
- Experience with CVE workflows and vulnerability data pipelines
- Experience with networking protocol analysis and switch development
- Experience with open-source project contributions
Benefits
U.S. employees are offered benefits, subject to Cisco’s plan eligibility rules, which include medical, dental and vision insurance, a 401(k) plan with a Cisco matching contribution, paid parental leave, short and long-term disability coverage, and basic life insurance. Please see the Cisco careers site to discover more benefits and perks.
Pay
The starting salary range posted for this position is $231,400.00 to $331,800.00 and reflects the projected salary range for new hires in this position in U.S. and/or Canada locations, not including incentive compensation*, equity, or benefits. Individual pay is determined by the candidate's hiring location, market conditions, job-related skillset, experience, qualifications, education, certifications, and/or training.
Schedule
Employees On Sales Plans Earn Performance-based Incentive Pay On Top Of Their Base Salary, Which Is Split Between Quota And Non-quota Components, Subject To The Applicable Cisco Plan.