Network Engineer / Backend Developer
Job Summary
Job Description
- Deep understanding of Linux networking stack (iptables, XFRM/IPsec, netfilter, conntrack).
- Experience configuring StrongSwan (IKEv2, CHILD_SA lifecycles, MOBIKE, VICI).
- Solid AWS knowledge (Advanced Networking Specialty or equivalent).
- Capable of developing code.
- Comfortable reading packet traces and analyzing kernel behavior.
- Experience building custom VPN plugins.
- Kernel-space or eBPF experience.
- Previous work on mobility protocols or embedded network stacks.
- Familiarity with QNX or automotive telematics protocols.
- Hands-on experience with VPP, DPDK, or packet reordering.
- IPv6 edge deployment experience.
- AWS Advanced Networking Specialty certification.
5 skills required
Job Details
Project description
We are building a custom high-load and high-scale IPsec backend on AWS to support over 20,000 IKEv2 tunnels for connected vehicles with dual-modem WAN bonding and custom StrongSwan gateways, IPv6-only. We are looking for an experienced network engineer with
software development skills to help us create this platform.
Responsibilities
Implementing redirector and tunnel-terminator logic for thousands of parallel IKEv2/IPsec tunnels. Designing control-plane logic that can steer per-vehicle traffic over dual-modem tunnels with dynamic source IPs.
Embedding client identity into the protocol stack
Writing automation around Linux networking (iptables/netfilter/XFRM), StrongSwan VICI, and AWS primitives (NLB, ENI, etc.). Writing plugins or extensions for StrongSwan or the Linux IPsec stack if needed.
Building observability and traceability for IPsec sessions at scale (IDi, DPD status, per-modem metrics). Debugging packet flows and helping design testable redirect and failover scenarios.
Skills
Must have
Deep understanding of the Linux networking stack, including iptables, XFRM/IPsec, netfilter, and conntrack.
Experience configuring StrongSwan (IKEv2, CHILD_SA lifecycles, MOBIKE, VICI).
Solid AWS knowledge at the level of the Advanced Networking Specialty certification or equivalent real-world experience. Able to reason about flow consistency through NLB, GWLB, and EC2 fleet mechanics.
Capable of developing code.
Comfortable reading packet traces (tcpdump, Wireshark) and analyzing kernel-level behavior.
Nice to have
Experience with building custom VPN plugins (e.g., for StrongSwan, Libreswan, or similar).
Kernel-space or eBPF experience.
Previous work on mobility protocols or embedded network stacks.
Familiarity with QNX or automotive telematics protocols.
Hands-on experience with VPP, DPDK, or packet reordering logic.
IPv6 edge deployment experience.
AWS Advanced Networking Specialty certification.
Other
Languages
English: C2 Proficient
Seniority
Senior
Similar Jobs
Looks like we're out of matches
Similar Skill Jobs
Looks like we're out of matches
Jobs in Ukrainka, Kyiv Oblast, Ukraine
Looks like we're out of matches
Network Engineering Jobs
Looks like we're out of matches
About The Company
Get notified when new jobs are added by luxsoft
