Software Engineer

Please Note:

1. If you are a first time user, please create your candidate login account before you apply for a job. (Click Sign In > Create Account)

2. If you already have a Candidate Account, please Sign-In before you apply.

Broadcom’s Application Networking and Security (ANS) division develops advanced security solutions, including distributed firewall and micro-segmentation technologies that protect east-west traffic across enterprise data centers. We are seeking a Software Engineer to join our growing team.

In this role, you will be part of the Container Security team, building the security layer that operates between container orchestrators and application workloads. You will collaborate in a fast-paced, agile environment to design and develop scalable solutions that address real-world on-prem cloud and data center security challenges. The ideal candidate has a strong interest in distributed systems, container networking, and innovative approaches to securing modern infrastructure.

What You'll Actually Work On

These are the product areas and engineering problems you'll spend your time on:

• Network policy and segmentation — enforcing L3-L7 security policies between pods, namespaces, and clusters. Implementing micro-segmentation concepts within Kubernetes; experience with VMware DFW is a plus.
• Runtime threat detection — building detection capabilities that identify anomalous behavior, policy violations, and lateral movement across containerized workloads.
• Kubernetes security posture — enforcing pod security standards, RBAC policies, secrets management, and security controls across the cluster lifecycle.
• Distributed and stateful workloads — securing workloads that require consensus, replication, and fault tolerance — including databases running on Kubernetes via operators or StatefulSets.
• Security telemetry and observability — working with high-volume data systems (e.g., ClickHouse) for large-scale security event ingestion, querying, and analysis. Building audit log pipelines and integrating with observability stacks.

How You'll Work

This is how you'll operate day-to-day:

• Own components end-to-end — from design spec through production support
• Break down ambiguous problems into clear technical designs before writing code
• Write Go — the primary language for all services, controllers, and operators
• Debug across layers — Kubernetes control plane, networking, and cluster-level issues using Prometheus, Grafana, kubectl debug, crictl, and audit logs
• Build automated tests that validate security correctness and prevent regressions
• Lead and participate in code reviews with a focus on correctness and maintainability
• Collaborate across teams — work with networking, platform, and QA engineers
• Ship in agile sprints — participate in all phases of the development cycle

What Makes You a Strong Fit

• Deep hands-on experience with Kubernetes internals — control plane, kubelet lifecycle, CRDs, admission webhooks, CSI, and Kubernetes Operators
• Strong Go skills — building operators, controllers, microservices, or CLI tools
• Solid understanding of container security — pod security standards, RBAC, secrets management, and runtime threat detection
• Strong knowledge of security constructs — network policies, segmentation, micro-segmentation concepts; experience with VMware DFW is a plus
• Experience with distributed systems and stateful workloads — consensus, replication, fault tolerance, and running databases on Kubernetes via operators or StatefulSets
• Exposure to high-volume data systems — analytical databases like ClickHouse, large-scale data ingestion and querying workloads
• Strong troubleshooting and observability skills — diagnosing cluster-level issues using Prometheus, Grafana, kubectl debug, crictl, and audit log pipelines
• Good understanding of TCP/IP network layers L2-L7
• Systems programming fundamentals — multithreading, IPC, sockets, signals
• Ability to work independently on complex problems and collaborate across teams
• Experience working in an Agile environment using Git-based workflows
• Bachelor's degree plus 8+ years of related experience, or Master's degree and 6+ years

If you enjoy making enterprise infrastructure secure by default — and building systems that other engineers trust without thinking about — this team is for you.

Education/Experience

Bachelor's degree in Engineering/Computer Science and 12+ years of related experience or Masters degree in Engineering/Computer Science and 10+ years of related experience

Additional Job Description:

Compensation and Benefits

The annual base salary range for this position is $141,300 - $226,000 

This position is also eligible for a discretionary annual bonus in accordance with relevant plan documents, and equity in accordance with equity plan documents and equity award agreements.

Broadcom offers a competitive and comprehensive benefits package: Medical, dental and vision plans, 401(K) participation including company matching, Employee Stock Purchase Program (ESPP), Employee Assistance Program (EAP), company paid holidays, paid sick leave and vacation time. The company follows all applicable laws for Paid Family Leave and other leaves of absence.

Broadcom is proud to be an equal opportunity employer.  We will consider qualified applicants without regard to race, color, creed, religion, sex, sexual orientation, national origin, citizenship, disability status, medical condition, pregnancy, protected veteran status or any other characteristic protected by federal, state, or local law.  We will also consider qualified applicants with arrest and conviction records consistent with local law.

If you are located outside USA, please be sure to fill out a home address as this will be used for future correspondence.