* Salário: R$ 3.000 a R$ 6.000 por mês (estimado)
* O valor exibido é uma estimativa calculada com base em dados públicos e referências do mercado. Não garantimos que este seja o salário oferecido para esta vaga específica.
Área: Tecnologia da Informação
Nível: Junior
Company is the pioneer of Active ASPM, securing the modern software supply chain. We cut through alert noise to surface the critical 5% of risks that are truly reachable and exploitable.
We're hiring a Backend Engineer for our Security Research group to build the systems thatpower our open-source intelligence work - ingesting public package ecosystems (NPM, PyPI),monitoring them continuously, and detecting malicious behavior at scale.This is a highly autonomous IC role where you’ll own projects end-to-end - transforming researcher prototypes into scalable production systems.
Responsibilities:
- Build scalable scraping and ingestion pipelines for public package registries (NPM, PyPI, etc.)
- Design and maintain distributed systems based on APIs, workers, queues, and databases
- Develop detection mechanisms for: malicious install hooks, embedded binaries, obfuscation techniques, suspicious package behavior
- Build and improve risk-scoring algorithms to prioritize real threats
- Work closely with security researchers to productionize detection capabilities
Requirements:
Requirements:
- 5+ years of backend development experience with Python and/or Node.js / TypeScript
- Hands-on experience with large-scale scraping systems
- Strong knowledge of distributed architectures: queues, workers, PostgreSQL, Redis
- Production experience with Docker / docker-compose
- Strong ownership mindset and ability to work autonomously
- Full professional English proficiency
Strong Advantage:
- Malware analysis or reverse engineering experience
- Familiarity with ELF / PE / Mach-O formats
- Background in security research or software supply-chain security