Senior Security Backend Engineer

We are looking for a strong Senior Security Backend Engineer to join our Security Research Team.

This role focuses on building the infrastructure behind large-scale open-source intelligence, package ecosystem monitoring, and supply-chain threat detection. It is a highly autonomous individual contributor role, with end-to-end ownership of projects that turn security research prototypes into scalable production systems.

Responsibilities

• Build scalable scraping and ingestion pipelines for public package registries such as NPM, PyPI, and similar ecosystems
• Design and maintain distributed systems using APIs, workers, queues, and databases
• Develop detection mechanisms for:
  • malicious install hooks
  • embedded binaries
  • obfuscation techniques
  • suspicious package behavior
• Build and improve risk-scoring algorithms to prioritize real threats
• Work closely with security researchers to productionize detection capabilities

Requirements

Must Have

• 5+ years of backend development experience with Python and/or Node.js / TypeScript
• Hands-on experience with large-scale scraping systems
• Strong knowledge of distributed architectures, including:
  • queues
  • workers
  • PostgreSQL
  • Redis
• Production experience with Docker / docker-compose
• Strong ownership mindset and ability to work autonomously

• Full professional English proficiency

   

Strong Advantage

• Malware analysis or reverse engineering experience
• Familiarity with ELF, PE, or Mach-O formats

• Background in security research or software supply-chain security

   

Nice to Have

• CTF participation
• Bug bounty experience
• OSCP / OSWE certifications
• Experience at companies in application security, supply-chain security, or developer security tooling
• Kafka and large-scale ETL experience