Network Engineer (Anti-Censorship)-Remote at CXM Direct LLC

, , Vietnam -

Full Time

Start Date

Immediate

Expiry Date

01 Feb, 26

Salary

0.0

Posted On

03 Nov, 25

Experience

5 year(s) or above

Remote Job

Yes

Telecommute

Yes

Sponsor Visa

Skills

Linux System Administration, Networking Fundamentals, Proxy Technologies, Tunneling Technologies, Censorship Mechanisms, Scripting Languages, Containerization, Automation Pipelines, TLS Camouflage, Cloudflare Services, BGP Security, Go, Rust

Industry

Financial Services

Description

Position Title: Network Resilience Engineer – Anti-Censorship Infrastructure Reporting Line: Reports directly to the Head of Infrastructure / CTO Location: Remote – Open globally (preference for time zones overlapping Asia and Europe) General Purpose Design, deploy, and maintain resilient network infrastructure to ensure uninterrupted access to our services in regions facing heavy internet censorship (e.g., China, India, Middle East). This role focuses on building robust proxy and obfuscation layers, traffic masking strategies, and automated failover mechanisms to maintain service reliability under adversarial network conditions. As a Network Resilience Engineer, you’ll serve as the technical owner of our anti-censorship stack — blending deep networking knowledge, scripting, and creative problem-solving to deliver an open and accessible internet experience. Specific Objectives (first ~12 months) Design, implement, and maintain proxy and obfuscation stacks (e.g., Shadowsocks, obfs4proxy, Cloudflare Tunnel) Develop a robust monitoring framework for censorship-related disruptions such as DPI, DNS poisoning, and TCP resets Establish automated strategies for IP rotation, traffic masking, and intelligent failover Integrate obfuscation layers with backend services to ensure seamless connectivity Research and adopt emerging circumvention techniques (e.g., TLS camouflage, domain fronting, randomized transports) and Chocolate Protocols Implement observability, logging, and analytics for tunnel health and anomaly detection Collaborate with security, backend, and DevOps teams to strengthen resilience and redundancy Key Activities Architect and maintain multi-layered proxy infrastructure across distributed environments Deploy and manage tunneling technologies (e.g., V2Ray, WireGuard, Cloudflare Spectrum/Tunnel) Monitor network traffic to identify and mitigate censorship tactics in real time Automate configuration, deployment, and scaling using tools like Terraform, Ansible, or GitHub Actions Conduct research into censorship techniques and propose adaptive countermeasures Collaborate cross-functionally to ensure application reliability under censorship stress Develop internal documentation and runbooks for incident response and recovery Evaluate and implement TLS fingerprinting and evasion strategies using libraries like uTLS Key Competences Strong Linux system administration and networking fundamentals Deep familiarity with proxy/tunneling technologies (Shadowsocks, V2Ray, obfs4proxy, WireGuard, etc.) Hands-on understanding of censorship mechanisms (deep packet inspection, IP blocking, DNS tampering) Proficient in scripting languages such as Bash and Python Experience with containerization (Docker, Kubernetes, ECS) and automation pipelines (CI/CD) Knowledge of TLS camouflage and randomized transport protocols Understanding of Cloudflare services (Spectrum, Tunnel, Magic Transit) and similar platforms Optional but valuable: familiarity with BGP security, RPKI, and route-hijack prevention Experience with Go or Rust to customize or build lightweight proxy transports Likely Current Job Network / Systems Engineer managing proxy or tunneling infrastructure DevOps / SRE professional with strong network automation experience Security Engineer specializing in encrypted communications and anti-censorship systems Backend or Infrastructure Engineer with a focus on networking and traffic optimization Employer Value Proposition Join a mission-driven team building cutting-edge infrastructure to uphold digital freedom and bypass censorship worldwide. You’ll have the autonomy to research, test, and deploy creative networking solutions that keep services accessible under the most restrictive environments. This is an opportunity to apply your technical expertise to a globally impactful cause — blending cybersecurity, network engineering, and innovation. The environment is fully remote, collaborative, and research-driven, ideal for engineers passionate about open access and resilient network design. Compensation & Benefits – salary, Gym Allowance, health insurance, etc. Career Growth – training, learning opportunities. Work Environment – culture, flexibility, leadership style. Recognition & Support – appreciation, inclusion

Responsibilities

Design, deploy, and maintain resilient network infrastructure to ensure uninterrupted access to services in regions facing heavy internet censorship. Serve as the technical owner of the anti-censorship stack, blending networking knowledge, scripting, and problem-solving.