ProwlerPro, Inc.

Role Description - Innovate with the Customer in Mind: Partner with product owners, stakeholders, and engineers to understand customer needs, translating complex technical risks into actionable, scalable solutions that solidify Prowler's position at the forefront of the industry and drive our mission to become the standard for cloud protection. - Team Leadership & Execution: Lead, mentor, and grow a team of cloud security engineers and researchers, owning the end-to-end planning, execution, and delivery of cutting-edge research and team projects. - Pioneer Cloud Threat Research: Conduct comprehensive architectural reviews of major cloud ecosystems (AWS, GCP, Azure, OCI), their telemetry data, and Kubernetes to uncover hidden threat vectors, evasion techniques, and structural vulnerabilities. Naturally adopt an adversarial mindset, constantly evaluating new cloud deployments to identify architectural flaws, blind spots, and potential abuse vectors. - Develop Scalable Security Controls: Pioneer new methodologies for threat identification, engineering advanced security rules and automated safeguards from the ground up. Transform experimental security research into robust, enterprise-grade detection features integrated into the Prowler product. - Advanced Threat Modeling: Conduct deep-dive analysis and advanced threat modeling on complex cloud architectures and emerging AI/LLM infrastructures to preemptively identify and mitigate risks. - Drive the Security Roadmap: Contribute to strategic architecture decisions, collaborating closely with world-class engineering and research teams to define and execute the security product roadmap. - Champion Engineering Excellence: Drive high-quality code standards by leading code reviews, automated testing, and CI/CD workflows. Provide constructive feedback and mentor fellow engineers on best practices. - Elevate Industry Standards: Continuously update knowledge and push the continuous improvement of internal practices, introducing the latest industry standards and emerging trends to keep the team at the forefront of cloud security. - Community & Thought Leadership: Actively engage with and support the Prowler community, implement customer-driven requests, represent the team externally, and guide others in the open-source cloud security ecosystem. Qualifications - Cloud Security Expertise: 6+ years of extensive experience in Cybersecurity, with at least 3 years explicitly focused on Cloud Security ecosystems (CSPM, CWPP, CNAPP). - Technical Leadership: Proven experience (2-3+ years) leading engineering or research teams, driving collaborative development workflows, conducting rigorous code reviews, and managing agile security projects. - Cloud Architecture & IAM Mastery: Expert, deep-dive understanding of CSP APIs, internal services, and complex permission models (IAM) across at least one major cloud provider (AWS, GCP, Azure), alongside strong networking fundamentals (including cross-network routing, micro-segmentation, and advanced network topologies). - Attacker/Defender Mindset: A proven ability to evaluate any cloud architecture with an adversarial mindset, identifying structural flaws and potential abuse vectors before they are weaponized, backed by a solid foundation in cloud attack methodologies, vulnerability research, and penetration testing. - Coding Excellence: Advanced proficiency in Python, with a strong ability to write clean, efficient, scalable code. You are a strong advocate for maintaining high standards of detection quality and thorough documentation. - Cloud-Native & Infrastructure: Hands-on experience with containers and orchestration tools (Docker, Kubernetes), and a deep understanding of operating system architectures. - Automation & CI/CD: Practical experience with Git, collaborative workflows, Infrastructure as Code (leveraging the HashiCorp ecosystem or native cloud templates), and deployment automation within CI/CD pipelines. - Communication Skills: Adept at translating intricate security threats into actionable business insights for leadership, while providing deep, actionable context for our engineering squads. - Startup DNA: Driven by a strong sense of ownership, you excel in self-directed remote work while remaining deeply engaged and highly communicative within our distributed engineering culture. Working fluency in English is required. Requirements - AI & LLM Security Vanguard: Pioneering knowledge of emerging threat landscapes, attack vectors, and security best practices within Artificial Intelligence infrastructures, LLM security, and MLOps environments. - Open-Source Champion: A strong background with active, hands-on contributions to open-source security projects and a visible presence in the collaborative security ecosystem. - Industry Thought Leadership: A proven track record of sharing research and knowledge. This includes speaking engagements at top-tier conferences (e.g., DEF CON, Black Hat, fwd:cloudsec, BSides) or impactful research publications, CVE discoveries, and technical blog posts. - Advanced Certifications: Holding industry-recognized certifications that validate your deep technical expertise, such as AWS Certified Security - Specialty, GCP Professional Cloud Security Engineer, OSCP, OSWE, or equivalent. Benefits - Opportunity to work with a rapidly growing and innovative company in the cloud security industry. - Fully remote work, allowing for a flexible and collaborative environment. - Competitive compensation package. - Continuous learning and professional development opportunities. - Be part of a dynamic team that values creativity and innovation. - This is a full time, salaried position writing, testing, reviewing, and operating code at scale. - Prowler is fully remote and distributed, spanning all U.S. time zones and several in E.U. - Mandatory minimum PTO (shoot for ~5 weeks; anything less than 4 weeks/year is unacceptable). - Workstation/home office stipend per year, flexible working hours, and stock options. Hiring Process - Intro & Technical Screen (30 minutes): We want to get to know the person behind the profile. You'll jump on a quick call with one of our founders or tech leads to discuss your background, your proudest achievements, and the complex security or engineering challenges you’ve tackled so far. - Culture & Alignment Interview (1 hour): We thrive on a generative, diversity-first culture that champions context over control. This conversation is a two-way street to ensure you resonate with the high degree of autonomy, freedom, and ownership we expect, and to confirm that our environment is the right place for you to grow and succeed. - Technical Team Dynamic (1 hour 30 minutes): No take-home assignments here—we want to see how we build together. You will join a live, collaborative session with your future teammates to tackle a real-world cloud security scenario. Rather than answering trick questions in isolation, this interactive exercise focuses on your technical reasoning, solution architecture, and how effectively you communicate and problem-solve within a team setting.

Primary Responsibilities ‍ - Think beyond the code and about our users and customers, understand their needs and define solutions with the team. - Collaborate with cross-functional teams to design and develop the backend for the Prowler product. - Design, build, and maintain secure and scalable back-end APIs using containerized Django apps and Python. - Contribute to backend architecture decisions and product infrastructure planning. - Optimize system performance, reliability, scalability and security in a cloud-native environment. - Collaborate with product owners, designers, and fellow developers to define project requirements and features meant to cover business needs. - Lead code reviews, automated testing, and continuous deployment workflows, providing constructive feedback to maintain high code quality and adhere to best practices. Mentor other engineers on this matter. - Lead the continuous improvement of best practices introducing latest industry standards. - Manage and integrate relational databases, ensuring consistency, scalability, and performance (currently using PostgreSQL). - Actively participate in Prowler community support, guide others on this matter. ‍ Qualifications / Skills / Experience ‍ We evaluate the following in candidates for this role: - Advanced proficiency in Python, hands-on experience on Django is a plus. - 5+ years experience in Backend development or equivalent. - Strong understanding of RESTful API design and implementation. - Solid and proficient expertise in relational database design and optimization, especially PostgreSQL. - Experience working in cloud-based environments (AWS, GCP, or Azure). - Proficient in Git and collaborative development workflows. - Awareness of security, scalability, and maintainability best practices in software design. - Experience with containers and orchestration tools (Docker, Amazon Elastic Container Service). - Familiarity with CI/CD tools and deployment automation. - A strong advocate for unit testing, thorough documentation, and maintaining high standards of code quality - Proven ability to work independently and remotely. - Working fluency in English. - Startup mindset: initiative, proactive attitude. ‍ Good to have ‍ - Experienced with AWS, Azure, or Google Cloud - Skilled in Cloud Security - Background in Open Source projects ‍ How will you know you are successful in this role? ‍ - Direct teammates consider you to be a reference in Backend development and a valuable asset to the team. (Peer feedback is the most effective signal we have for individual contributor performance.) - The person to whom you report agrees that your contribution to architecture and feature velocity proceeds at a competitive pace, and code quality is on par with top tier Python developments. - We can ask you how your work contributes to the company’s vision, and it’s clear that your current work is the highest priority work you could be doing toward that vision. - You contribute directly and incontrovertibly to the success of the Prowler as a product in a competitive market space. ‍ Why join Prowler ‍ - Opportunity to work with a rapidly growing and innovative company in the cloud security industry. - Fully remote work, allowing for a flexible and collaborative environment. - Competitive compensation package. - Continuous learning and professional development opportunities. - Be part of a dynamic team that values creativity and innovation. ‍ Work Hours & Benefits ‍ This is a full time, salaried position writing, testing, reviewing, and operating code at scale. Prowler is fully remote and distributed, spanning all U.S. time zones and several in E.U. This necessitates individuals taking responsibility for their working hours and broadcasting availability to colleagues. Mandatory minimum PTO (shoot for ~5 weeks; anything less than 4 weeks/year is unacceptable), workstation/home office stipend per year, flexible working hours, and stock options are some of our other benefits. ‍ Hiring Process ‍ - Intro/Technical Screen: If you are interested in this role, we would love to meet you for a 30 min call with one of our founders or tech leads. You will be invited to talk about your experience and the challenges you have faced as a professional. (30 minutes) - Technical Exercises: You will receive a PDF the day and hour that you prefer, the document containing a few technical exercises that you must solve and send back in a maximum of three days. - Cultural Interview: We have a generative, diversity-focused culture that highly prioritizes context over control. Not everyone prefers this type of environment, and this interview ensures that you are comfortable with the freedoms and responsibilities we expect of our colleagues, and that you can thrive here. (1 hour) - Team Interview: Finally, we will invite you to a 1 hour chat with 2 team members about design systems and product orientation (1 hour). ‍