Create and sustain security capabilities such as antivirus, SSL inspection, intrusion detection and prevention, and content filtering within enterprise-grade router firmware and software environments.
Build deep packet inspection systems and signature-driven detection methods to recognize malicious software, exploits, and suspicious traffic behaviors.
Incorporate live threat intelligence sources and update mechanisms to keep pace with emerging cyber threats.
Optimize packet processing efficiency to support low-latency, real-time security analysis.
Partner with product management and system architecture teams to shape the strategic direction and prioritization of security features.
Collaborate with quality assurance and DevOps groups to establish test scenarios, validation tools, and automated regression testing for security components.
Perform vulnerability assessments, performance evaluations, and tuning of security modules.
Maintain awareness of current network security standards, protocols, and emerging attack vectors.

Minimum of five years of experience in embedded systems or network security software engineering.
Knowledge or practical experience with SSL/TLS interception and secure proxy technologies.
Experience with intrusion detection and prevention systems, deep packet inspection, and packet analysis engines.
Implementation experience with DNS-based content filtering.
Background in antivirus solutions and sandboxing techniques.
Strong programming skills in C and C++, with in-depth understanding of the Linux networking stack and kernel modules.
Familiarity with common security tools and libraries such as Suricata, Snort, ClamAV, OpenSSL, and libpcap.
Solid grasp of core networking concepts including TCP/IP, NAT, routing, and quality of service.
Proven ability in debugging, profiling, and optimizing system performance.
Effective written and verbal communication skills, with attention to technical documentation.

Experience developing software for enterprise or internet service provider-grade routers and gateways.
Familiarity with UniFi networking platforms.

Design, develop, and maintain network security features, including antivirus, SSL inspection, IDS/IPS, and content filtering in enterprise router firmware and software stacks.
Develop deep packet inspection (DPI) and signature-based detection engines for identifying malware, exploits, and malicious traffic patterns.
Integrate threat intelligence feeds and update mechanisms to ensure detection of evolving security threats.
Ensure high-performance packet processing and minimal latency for real-time threat detection.
Collaborate with product managers and system architects to define the security roadmap and feature priorities.
Work with QA and DevOps teams to design test cases, validation frameworks, and automated regression testing for security features.
Conduct vulnerability analysis, performance benchmarking, and optimization for security modules.
Stay current with network security standards, protocols, and emerging threats.

5+ years of experience in embedded or network security software development.
Understanding or hands-on experience with: SSL/TLS inspection and secure proxy implementations
IDS/IPS, DPI, and packet inspection engines
Content filtering via DNS restriction
Antivirus and sandboxing
Proficiency in C/C++, with strong knowledge of Linux networking stack and kernel modules.
Familiarity with security frameworks and libraries (e.g., Suricata, Snort, ClamAV, OpenSSL, libpcap).
Solid understanding of networking fundamentals (TCP/IP, NAT, routing, QoS).
Excellent debugging, profiling, and performance tuning skills.
Strong documentation and communication abilities.

Ubiquiti Inc. is hiring a Senior Security Engineer