Senior Site Reliability Engineer – Edge

Responsibilities

• Edge Architecture & API Gateway: Ensure high availability (99.95%+ uptime) for On’s digital platforms and our central Apollo GraphQL Gateway. Design the “front door” of our infrastructure to be elastic, handling the unique scaling demands of both static web assets and complex federated API traffic.
• Traffic Engineering & Segmentation: Lead the strategic roadmap for our CDN (Cloudflare) and networking stack. Distinguish between the needs of customer‑facing web applications and internal service‑to‑service communication, implementing optimized routing for each.
• Environment Isolation & Security: Implement and maintain robust guardrails to protect our internal ecosystem. Restrict pre‑production environments (e.g., Staging, QA) from the public internet using Zero Trust models, IP‑based access controls, or OIDC‑integrated tunnels.
• Standardized Auth & Access: Drive the standardization of authentication and authorization at the edge. Ensure that every request entering our network is consistently validated, providing a secure and seamless identity layer for all microservices.
• Advanced Troubleshooting: Serve as the organization’s “Level 3” expert for complex network traffic analysis. Dive into packet captures, TLS handshakes, and Apollo query latencies to find the root cause of global performance regressions.
• Shielding the Origin: Take full ownership of our WAF and Bot Management strategy. Design and implement measures to protect our services from DDoS attacks and malicious actors without impacting the legitimate athlete experience.
• Infrastructure as Code (IaC): Treat the network and the gateway as code. Manage edge configurations and gateway routing using Terraform, ensuring security rules and routing logic are versioned, tested, and automated.

Qualifications

• Networking & Gateway Authority: Deep understanding of the OSI model and experience managing API Gateways (specifically Apollo GraphQL). Optimize the “supergraph” for performance at the edge.
• Edge & Security Specialist: Proven experience managing high‑traffic CDN architectures (Cloudflare preferred) and strong grasp of modern security protocols like OIDC, OAuth2, and JWT for standardizing service access.
• Infrastructure Security: Experience implementing “Zero Trust” architectures and managing private network connectivity to isolate internal environments from public exposure.
• Cloud Native: Comfortable in modern cloud environments (GCP/AWS) with experience in Kubernetes (GKE), service mesh networking, and ingress controllers.
• Automation First: Belief that manual changes are technical debt. Proficiency in Terraform and familiarity with CI/CD workflows (GitHub Actions) for deploying networking changes safely.
• Collaborative Leader: Enjoy working across teams (Security, DevEx, and Product) to solve horizontal problems. Translate complex networking and auth concepts into actionable insights for non‑experts.

About the Team

You will be joining the Platform Foundations group, a high‑impact collective of engineers dedicated to building the “Engine” of On’s technology. We manage our cloud infrastructure, Developer Experience (DevEx), and the Edge. We are a global team that values a “lead‑by‑example” culture. You will work alongside Staff and Principal engineers to bridge the gap between infrastructure and product, ensuring our technical investments directly accelerate the velocity of On’s mission.

On is an Equal Opportunity Employer. We are committed to creating a work environment that is fair and inclusive, where all decisions related to recruitment, advancement, and retention are free of discrimination.

#J-18808-Ljbffr…