FULLTIME
Software Engineer
Shinobi Security
Not specified · onsite · Posted 7d ago
Your match
Sign in to see your match score, skill gaps & tailored resume.
Section · 01
About this role
About Shinobi Shinobi security is an applied AI company that designs and develops autonomous offensive technologies for the world’s leading businesses and governments. Our teams in US, UK and Dubai build autonomous agents that find and exploit real vulnerabilities the way an attacker would, and we run them safely against live customer environments. The interesting part is not just "make the agents capable," it is "give an autonomous agent real credentials and real network access while making sure it only ever does what it's supposed to." We are small and fast, and we like it that way. Engineers here own systems end to end and get to talk directly to the customers running their software, which means you see the impact of what you build quickly.
The Role This is a true founding engineering role. You will own a meaningful slice of the platform from architecture through production and the customer conversations that come out of it. You won't be handed a narrow ticket queue. You'll be handed real problems, sometimes ambiguous ones, and given the room and support to figure them out. We care more about how you think and how fast you learn than about whether you've seen this exact stack before. Concretely, the person in this role:
- Designs and operates the platform layer that runs our pentesting agents: orchestration, multi-tenant isolation, scoped and short-lived credential vending, and the transparent traffic interception that lets us observe and constrain what agents do on the wire.
- Builds the infrastructure underneath all of it on AWS (and increasingly on-prem / Kubernetes for customers who require it), including networking, data stores, and the auth layer that gates everything.
- Helps keep our compliance and security posture solid, including the controls that get us and keep us SOC 2 compliant.
- Handles real customer issues directly. When a customer hits a problem, you are the one who reproduces it, traces it through the platform, fixes the root cause, and closes the loop with them. Support work here is engineering work, not a separate function.
- Translates messy customer and field requirements into architecture, including for security-conscious enterprise and government-facing buyers who care deeply about how the system isolates, logs, and proves what it did.
What You Will Actually Do
- Take ownership of one or more core subsystems (orchestration, the proxy layer, credential vending, or multi-tenant isolation) and be the person the team routes questions to about it.
- Run point on customer-reported technical issues: reproduce, diagnose, fix, and communicate. Turn recurring issues into platform improvements so they stop recurring.
- Ship infrastructure on AWS using IaC, and contribute to on-prem / Kubernetes deployments for customers with data-residency or air-gap requirements.
- Harden the auth and compliance surface as we move through enterprise security reviews.
- Write the internal and external technical documentation that lets customers, auditors, and teammates trust how the system works.
What We're Looking For We don't expect you to check every box. If you're strong in most of these and a fast learner on the rest, we want to talk.
Core
- Solid production experience in TypeScript and/or Python. Comfortable shipping and operating real systems, and happy to grow into the other if you mainly know one today.
- Good working knowledge of AWS: compute (ECS/Fargate, Lambda), data stores (DynamoDB, relational/Postgres), and infrastructure-as-code (CDK or similar). Kubernetes experience is a bonus, not a requirement.
- A feel for systems and networking. You're curious about what's actually happening when traffic moves between services, and willing to dig into proxies, TLS, and isolation boundaries even if they're new to you.
- A security-aware mindset, or the instinct to develop one. Thinking about blast radius, least privilege, and "what could this credential do if it leaked."
- Comfort talking to customers. You can take a bug report, ask good questions, and own a problem through to resolution.
- Someone who learns and adapts quickly and does their best work when handed a real problem and trusted to solve it.
Nice to have
- Experience with multi-tenant SaaS isolation models.
- Hands-on with SOC 2 Type 2 or similar compliance from the engineering side.
- Background in penetration testing, offensive security, or building tooling for security teams.
- Experience with enterprise SSO (e.g. Auth0) and identity plumbing.
- Experience deploying into regulated, government, or air-gapped environments.
How We Work
- Small team, wide ownership, short path from idea to production.
- Engineers own their systems and the customer relationships that come with them, with plenty of support from the rest of the team.
- Direct, low-ceremony communication. We prefer shipped code and good decisions over status theater.
- We give our engineers real tools and real budget. We have a generous token budget for AI tooling, so you'll never be rationing the thing that makes you faster.
- The work is interesting and the problems are real. The threat model matters, the customers are sharp, and the platform has to be trustworthy enough to hand an autonomous agent the keys.
Why It's Worth It You'd be one of the people defining how an entire category of product, autonomous offensive security, gets built safely. The surface area is large, the autonomy is real, and your work shows up directly in whether customers trust us with their infrastructure. If you want to grow fast and own something that matters, this is a good place to do it. Shinobi Security is an equal opportunity employer. We hire for capability and judgment.
Sourced from linkedin · view original
Let the agent run this one for you.
Tailored resume, auto-apply, and referral lookup — in under 2 minutes.
Section · 02