Security Backend Engineer

DescriptionCompany is the pioneer of Active ASPM, securing the modern software supply chain. We cut through alert noise to surface the critical 5% of risks that are truly reachable and exploitable.We're hiring a Backend Engineer for our Security Research group to build the systems thatpower our open-source intelligence work - ingesting public package ecosystems (NPM, PyPI),monitoring them continuously, and detecting malicious behavior at scale.This is a highly autonomous IC role where you’ll own projects end-to-end - transforming researcher prototypes into scalable production systems.Responsibilities:Build scalable scraping and ingestion pipelines for public package registries (NPM, PyPI, etc.)Design and maintain distributed systems based on APIs, workers, queues, and databasesDevelop detection mechanisms for: malicious install hooks, embedded binaries, obfuscation techniques, suspicious package behaviorBuild and improve risk-scoring algorithms to prioritize real threatsWork closely with security researchers to productionize detection capabilitiesRequirementsRequirements:5+ years of backend development experience with Python and/or Node.js / TypeScriptHands-on experience with large-scale scraping systemsStrong knowledge of distributed architectures: queues, workers, PostgreSQL, RedisProduction experience with Docker / docker-composeStrong ownership mindset and ability to work autonomouslyFull professional English proficiencyStrong Advantage:Malware analysis or reverse engineering experienceFamiliarity with ELF / PE / Mach-O formatsBackground in security research or software supply-chain securityOriginally posted on Himalayas