We're hiring for a hybrid position, preferring someone based in New York City, but will consider strong candidates on the East Coast. We need an engineer with 15+ years of professional experience who is comfortable taking the lead - someone who can own architectural decisions, set technical direction, and mentor teammates while staying hands-on. CTEM experience is a plus. You'll value continuous learning, have a genuine interest in cyber security, and communicate clearly.

Our existing services are built on Django (Python) and React (TypeScript), hosted on AWS, with many more services still to build.

This is a startup. That means you wear every hat, and the work has to get done now. We're looking for a relentless go-getter who thrives under pressure, moves with urgency, and doesn't wait around for permission. Decisions need to be made quickly and correctly. Communication is everything, and so is close collaboration with both our penetration testers and the business. If that energy excites you rather than exhausts you, you'll fit right in.

Responsibilities

• Lead the design and implementation of solutions and tooling for the CTEM platform.
• Own key architectural decisions and guide the technical direction of new services.
• Collaborate closely with our penetration testing teams and the business to ensure the tools we build are effective and deliver meaningful information to assessment teams in the field.
• Mentor and support other engineers while remaining hands-on in the codebase.
• Integrate open-source security tooling - sometimes written in languages outside our core stack - into the platform.

Nice to Have

• CTEM platform experience - a plus, but not required.
• Experience across a range of programming languages. Security tooling often means integrating open-source tools written in other languages, so an appetite for picking up new ones goes a long way.
• API design and documentation.
• Message processing and queueing systems.
• Experience with penetration testing tools (Nuclei, Nmap, etc.).

Desired Experience / Skills

• 15+ years of relevant professional software engineering experience.
• Comfortable taking the lead on technical decisions and project direction.
• Strong understanding of Django and the Django REST Framework.
• Proficiency across the Python ecosystem.
• TypeScript / JavaScript (React).
• Relational databases (PostgreSQL).
• AWS (EC2, EBS, Lambda, ECS).
• Excellent spoken and written communication skills.

Due to the nature of the security industry tooling, whilst the main development languages at OSec are Python and JavaScript, there will be times where open source tools written in other languages will be required to be integrated into the system.

Personal Qualities

• A relentless go-getter with a serious bias for action - you move fast, take ownership, and get things done.
• Built for startup pace. You're comfortable wearing every hat and treating "it needs to be done now" as the default.
• A sharp, decisive thinker who can make calls quickly - and correctly - under pressure.
• An outstanding communicator who keeps everyone aligned, in writing and out loud.
• A natural collaborator who works seamlessly with penetration testers and the business alike.
• A confident leader who takes ownership and drives decisions.
• Highly professional, with outstanding attention to detail.
• Self-motivated, dependable, and unflappable.

Benefits

• Flexible working hours;
• Competitive health packages;
• Life insurance;
• 401k plan with company contributions
• Maternity and parental leave;
• On-the-job training opportunities; and
• Paid, flexible vacation.