AI Insights
Cloudflare

Team Lead - Security Platform

Cloudflare · Austin, Texas, US
full-timelead (5-15 yrs)Posted 61d ago
Software EngineeringM1IC + ManagementHybrid (3d)
StackGoPythonSaltHashiCorp VaultOpenBaoPKIX.509 certificatesHSMsTPMsAMD SEVIntel SGXApple Secure EnclaveCryptographyLinuxUNIXDistributed SystemsSecrets ManagementMachine IdentityWorkload IdentityOpen Source Development

Summary

Engineering Team Lead role at Cloudflare responsible for building and operating secure distributed infrastructure for secrets management, PKI, and machine/workload identity across a global network spanning 310+ cities and 120+ countries.

About the role

About Us

At Cloudflare, we are on a mission to help build a better Internet. Today the company runs one of the world’s largest networks that powers millions of websites and other Internet properties for customers ranging from individual bloggers to SMBs to Fortune 500 companies. Cloudflare protects and accelerates any Internet application online without adding hardware, installing software, or changing a line of code. Internet properties powered by Cloudflare all have web traffic routed through its intelligent global network, which gets smarter with every request. As a result, they see significant improvement in performance and a decrease in spam and other attacks. Cloudflare was named to Entrepreneur Magazine’s Top Company Cultures list and ranked among the World’s Most Innovative Companies by Fast Company. 

At Cloudflare, we’re not looking for people who wait for a polished roadmap; we’re looking for the builders who see the cracks in the Internet that everyone else has simply learned to live with. We value candidates who have the instinct to spot a "normalized" problem and the AI-native curiosity to create a solution using the latest tools. Our culture is built on iteration, leveraging AI to ship faster today to make it better tomorrow, while ensuring that every improvement, no matter how small, is shared across the team to lift everyone up. If you’re the type of person who values curiosity over bureaucracy, and that AI is a partner in solving tough problems to keep the Internet moving forward, you’ll fit right in.

Available Locations: Austin, Denver, Atlanta, Washington DC, Seattle, New York, Toronto Canada preferred; other locations in North America also possible.

About the team
The Security Platform team is an infrastructure/developer tools group tasked with building and operating powerful, resilient, and secure infrastructure and systems that enable other engineering teams to deliver products to our customers efficiently and securely. We are responsible for secrets management, internal certificate authorities/PKI, machine and workload identity, and more. This is not a policy, audit, or compliance team, but rather an infrastructure engineering/software development one.

What you’ll do
You’ll lead the team in building and operating secure and resilient distributed systems for secrets and key management, running across our network that spans more than 310 cities in over 120 countries. The team's focus is strengthening/re-architecting internal PKI and machine/workload identity. You’ll run and support the systems we build, both in an operational sense and by helping other internal developers use them.
 
You'll organize and plan the team's long-term roadmap and day-to-day work. You'll review and sign off on technical designs, project plans, and code; providing guidance to ensure quality, resilience, and security. You'll participate in design and implementation, personally leading projects as needed. You'll support the growth and career development of your team, delegating tasks as appropriate. People management responsibilities (performance management, compensation planning, etc) may be entirely in your hands or supported by senior management, depending on your level and preferences.

Required skills
  • Team leadership/management; level and years of experience are flexible.
  • Excellent verbal and written communication.
  • Software development and distributed systems design expertise.
  • Strong security background with a focus on implementation, not policy/compliance.
Bonus nice-to-have skills
  • Track record of contributing to open source security or distributed systems projects.
  • Cryptography background and ability to work with cryptosystems at the primitives level.
  • Experience with HSMs, TPMs, or other platform TEEs (e.g. AMD SEV, Intel SGX, Apple Secure Enclave).
  • Familiarity with HashiCorp Vault or OpenBao, or similar.
  • Linux/UNIX system administration proficiency.
  • Familiarity with Go and/or Python + Salt specifically.

Equity

This role is eligible to participate in Cloudflare’s equity plan.

Benefits

Cloudflare offers a complete package of benefits and programs to support you and your family.  Our benefits programs can help you pay health care expenses, support caregiving, build capital for the future and make life a little easier and fun!  The below is a description of our benefits for employees in the United States, and benefits may vary for employees based outside the U.S.

Health & Welfare Benefits

  • Medical/Rx Insurance
  • Dental Insurance
  • Vision Insurance
  • Flexible Spending Accounts
  • Commuter Spending Accounts
  • Fertility & Family Forming Benefits
  • On-demand mental health support and Employee Assistance Program
  • Global Travel Medical Insurance

Financial Benefits

  • Short and Long Term Disability Insurance
  • Life & Accident Insurance
  • 401(k) Retirement Savings Plan
  • Employee Stock Participation Plan

Time Off

  • Flexible paid time off covering vacation and sick leave
  • Leave programs, including parental, pregnancy health, medical, and bereavement leave

 

 

What Makes Cloudflare Special?

We’re not just a highly ambitious, large-scale technology company. We’re a highly ambitious, large-scale technology company with a soul. Fundamental to our mission to help build a better Internet is protecting the free and open Internet.

Project Galileo: Since 2014, we've equipped more than 2,400 journalism and civil society organizations in 111 countries with powerful tools to defend themselves against attacks that would otherwise censor their work, technology already used by Cloudflare’s enterprise customers--at no cost.

Athenian Project: In 2017, we created the Athenian Project to ensure that state and local governments have the highest level of protection and reliability for free, so that their constituents have access to election information and voter registration. Since the project, we've provided services to more than 425 local government election websites in 33 states.

1.1.1.1: We released 1.1.1.1 to help fix the foundation of the Internet by building a faster, more secure and privacy-centric public DNS resolver. This is available publicly for everyone to use - it is the first consumer-focused service Cloudflare has ever released. Here’s the deal - we don’t store client IP addresses never, ever. We will continue to abide by our privacy commitment and ensure that no user data is sold to advertisers or used to target consumers.

Sound like something you’d like to be a part of? We’d love to hear from you!

This position may require access to information protected under U.S. export control laws, including the U.S. Export Administration Regulations. Please note that any offer of employment may be conditioned on your authorization to receive software or technology controlled under these U.S. export laws without sponsorship for an export license.

Cloudflare is proud to be an equal opportunity employer.  We are committed to providing equal employment opportunity for all people and place great value in both diversity and inclusiveness.  All qualified applicants will be considered for employment without regard to their, or any other person's, perceived or actual race, color, religion, sex, gender, gender identity, gender expression, sexual orientation, national origin, ancestry, citizenship, age, physical or mental disability, medical condition, family care status, or any other basis protected by law. We are an AA/Veterans/Disabled Employer.

Cloudflare provides reasonable accommodations to qualified individuals with disabilities.  Please tell us if you require a reasonable accommodation to apply for a job. Examples of reasonable accommodations include, but are not limited to, changing the application process, providing documents in an alternate format, using a sign language interpreter, or using specialized equipment.  If you require a reasonable accommodation to apply for a job, please contact us via e-mail at [email protected] or via mail at 101 Townsend St. San Francisco, CA 94107.

What you'll do

1Lead and manage the Security Platform team building secrets management, PKI, and machine/workload identity infrastructure
2Architect and operate secure, resilient distributed systems across Cloudflare's global network (310+ cities, 120+ countries)
3Own team roadmap planning — both long-term strategy and day-to-day prioritization
4Review and sign off on technical designs, project plans, and code contributions
5Personally lead individual projects and participate in hands-on design and implementation
6Support career development and growth for team members; delegate tasks appropriately
7Handle or assist with people management responsibilities including performance reviews and compensation planning
8Enable internal engineering teams to build and ship products securely and efficiently

Requirements

Team leadership and engineering management with direct ownership of roadmap, technical reviews, and people development
Distributed systems design and software development expertise at production scale
Strong security engineering background focused on implementation — secrets management, PKI, machine/workload identity
Excellent verbal and written communication skills for cross-team collaboration and technical design reviews
Operational experience running and supporting resilient, large-scale infrastructure systems

Nice to have

Go
Python
Salt
HashiCorp Vault
OpenBao
HSM
TPM
AMD SEV
Intel SGX
Apple Secure Enclave
Cryptography
Linux
UNIX
Open Source Contributions

Role overview

Role family
Software Engineering
Level
M1 — security
Experience
5–15 years
Type
Hybrid (IC + Management)
Remote policy
Hybrid (3 days)
Visa sponsorship
Not offered

Tech stack analysis

LANGUAGES
GoPython
FRAMEWORKS
Salt
INFRASTRUCTURE
HashiCorp VaultOpenBaoHSMTPMAMD SEVIntel SGXApple Secure EnclavePKI / Internal CACloudflare global network
TOOLS
Linux/UNIX

Salary estimate

$220K – $320K
AI-estimated salary range
Confidence72%
Reasoning

Cloudflare is a publicly traded, Tier-1 cloud infrastructure company. A Team Lead / Engineering Manager role on a high-sensitivity security infrastructure team (secrets management, PKI, identity) in preferred locations (Austin, NYC, Seattle, DC, Denver) typically commands $220K–$320K total cash comp. With equity (ESPP + RSUs) and the seniority implied, total compensation could exceed $400K. Estimate based on Cloudflare's known compensation bands, comparable FAANG-adjacent security engineering lead roles, and Levels.fyi data for similar positions.

See the AI-estimated salary range for this role

Sign up free →

Green flags

6 items
Explicit ownership of team roadmap, technical design authority, and people management — strong leadership runway for career progression.growth

Discover all 6 green flags for this role

Sign up free →

Benefits breakdown

HEALTH & WELLNESS
Medical/Rx Insurance
Dental Insurance
Vision Insurance
Flexible Spending Accounts
Fertility & Family Forming Benefits
On-demand mental health support and Employee Assistance Program
Global Travel Medical Insurance

See all benefits organized by category — health, financial, time off & more

Sign up free →

Hiring insights

JD quality
Urgency
medium
Autonomy
high
Team size
small (2-5)

See JD quality score, hiring urgency & team details

Sign up free →

Red flags

PRO4 items
No salary range disclosed in the posting, which reduces transparency for candidates in salary-negotiation-sensitive markets.compensation

See all 4 red flags — what the JD isn't telling you

Sign up free →

Interview insights

PRO
Rounds
5
Duration
4 wks
Difficulty
hard
Take-home
No

Get full interview breakdown — rounds, likely topics & prep tips

Sign up free →

Career path

PRO
Next roles
Senior Engineering Manager - SecurityDirector of Security EngineeringPrincipal Security Architect

See where this role leads — full career progression

Sign up free →
About the company
Cloudflare

Cloudflare operates one of the world's largest edge networks, spanning 300+ cities in 100+ countries. It provides web security, CDN, DNS, and zero-trust services that protect and accelerate over 20% of all websites on the internet. Cloudflare processes over 57 million HTTP requests per second on average.

HQSan Francisco, CA, USA
Interview difficultyhard
Build vs Maintainboth
Cross-functionalYes
Similar roles
You might also like
View all →
Manager, SONiC Software
NVIDIA
$220K – $310K·Santa Clara, California, US
C++PythonSONiCLinux
Lead System Software Engineer Platform - Server Embedded Firmware
NVIDIA
$224K – $431K·Santa Clara, California, US
CC++PythonBash
Senior Software Engineer Tech Lead, SONiC Network OS
NVIDIA
$220K – $320K·Santa Clara, California, US
CC++PythonLinux