Role Description As a Senior Windows Identity Detection Engineer, you will research and detect emerging identity threats by developing behavior-based detection methods. You’ll build tools and PoCs to identify and prevent attacks such as Pass-the-Hash, Silver Ticket, and MFA bypass. Your work will directly strengthen the security of millions of Windows endpoints protected by the platform. In this role, you’ll have a unique opportunity to expand your skillset beyond just Windows security, and to not only contribute, but to significantly influence the buildout of a new side of our business - Identity security from the ground up! What will you do? - Detect the newest identity threats with end-to-end responsibility for behavior-based detection capabilities. - Research attack techniques and design new methods to detect or prevent those attacks. - Implement detection methods in the product (SW development in C++23 and scripting in Lua). - Develop and use internal research tools and PoCs to discover new ways to detect/prevent identity-based attacks. - Enhance the security of dozens of millions of Windows endpoints protected by the platform. Working setup - Flexible working hours; this is a 100% remote role on full-time permanent employment (UoP) based within Poland. - Optional membership in major coworking chains. - Consideration for candidates already eligible to work in the EU at the time of applying. - Relocation assistance available for those willing to relocate to the Czech Republic, provided they are eligible to work in the EU at the time of applying. Qualifications - 3+ years of experience in malware analysis (statically and dynamically). - 3+ years of experience with C++; knowledge of Lua or similar scripting language is an advantage. - Excellent understanding of Windows Internals (Process and Threads, Virtual Memory, etc.). - Experience with analysis tools such as IDA, WinDBG, SysInternals, etc. - Experience with identity-based attacks (Pass the Hash, Silver Ticket, MFA bypass) is a big plus. - Kernel development experience and/or understanding of existing AVs internals is an advantage. Benefits - Equity & Rewards: Restricted Stock Units (RSUs), Employee Stock Purchase Plan (ESPP). - Time Off & Wellbeing: Competitive leave benefits, gender-neutral parental leave. - Insurance & Financial Security: Medical and insurance benefits, pension scheme, Employee Assistance Program (EAP). - Work Perks & Flexibility: Global home office allowance, mobile phone allowance. - Wellness & Lifestyle: Wellness benefit.

Role Description You will own the Node.js Proactive Defense initiative — a new runtime security layer for Imunify360 that brings the same in-process protection model we already ship for PHP into the Node.js ecosystem. Today, hosting providers running multi-tenant Node.js workloads have no equivalent of mod_security + PHP Proactive Defense: malicious code, supply-chain payloads, and post-exploitation behavior execute inside the Node.js process with full privileges of the tenant. Your job is to close that gap. Concretely, You Will: - Design and ship a Node.js runtime agent that hooks into the V8/Node lifecycle to trace and block malicious behavior patterns (child_process spawn chains, eval / Function constructors, prototype pollution exploitation, unsafe deserialization, SSRF, path traversal, fs writes to sensitive locations, malicious require() / dynamic import chains, supply-chain poisoning at load time). - Define the detection model: which behaviors are policy-blockable by default, which are signal-only, and how rules are authored, distributed, and versioned alongside our existing Proactive Defense rule pipeline. - Integrate the agent with the rest of the on-host Imunify security stack so that Node.js detections, blocks, and incidents flow into the same telemetry pipeline, the same backend event store, and the same admin UI as our other layers (WAF, host-IDS, brute-force protection, malware scanner, patch management). - Make it production-safe on shared hosting: low overhead, tenant-isolated, compatible with CageFS / LVE, and resilient to hostile tenants who will try to disable or evade the agent. - Build the pipeline that turns CVE write-ups and threat-intel feeds into shipped detections. - Own the closed feedback loop from production blocks (true positives, false positives, evasions) back into the next generation of rules. This is a green-field, security-engineering-led role with direct product impact: the detections you write will run on hundreds of thousands of servers. Qualifications - Security engineer mindset: thinks in attack surfaces, exploit primitives, and defense-in-depth - not just in OWASP checklists. - Runtime/exploitation knowledge across languages: prototype pollution, deserialization, command injection, SSRF, path traversal, supply-chain poisoning. - Systems-level development: Linux daemons, systemd, privileged processes, IPC, namespaces/cgroups, file-descriptor and signal hygiene. - Low-level / instrumentation instinct: has hooked, traced, or intercepted something in production. Requirements - Shared-hosting / multi-tenant Linux experience: LVE, CageFS, control-panel ecosystems, or analogous tenant-isolation work. - Comfort working from a CVEs and threat-intel feed as primary product input. Benefits - A focus on professional development. - Interesting and challenging projects. - Fully remote work with flexible working hours, that allows you to schedule your day and work from any location worldwide. - Paid 24 days of vacation per year, 10 days of national holidays, and unlimited sick leaves. - Compensation for private medical insurance. - Co-working and gym/sports reimbursement. - Budget for education. - The opportunity to receive a reward for the most innovative idea that the company can patent.

Role Description Join our Security Engineering team as a Security Engineer who builds, not just operates. You will design and build security systems that protect our AI-driven platform at scale—whether that means securing cloud infrastructure and data pipelines, embedding security into our AI-powered products, engineering the detection and automation capabilities that keep us ahead of threats, or protecting corporate infrastructure and ensuring secure, well-architected business systems. You will own your work end-to-end and grow into one of our four specialization tracks as the team and your profile develop together. As a Security Engineer at Aily, you are a software engineer with deep security expertise. We are not looking for people who configure existing tools; we need engineers who write production-quality code to solve hard security problems in an AI-first company. You will face problems of the AI age: - Securing complex data flows across distributed systems - Protecting AI models and training pipelines - Building detection logic against real threats - Designing products that handle highly regulated data safely You will own projects from design through deployment and work closely with Engineering, Data Science, Platform, and Product teams. Where You’ll Specialize Our Security Engineering team operates across four tracks. You’ll share your preference during the process; we’ll confirm fit and align on where you’ll have the most impact: - Platform Security - Build the security infrastructure that protects Aily’s cloud platform, AI pipelines, and data ecosystem. - Design and build security automation systems and platforms — from control monitoring to advanced threat detection capabilities or agentic red teaming. - Secure complex data flows, data lakes, and AI training pipelines; implement DLP strategies at scale. - Protect AI models from adversarial attacks, data poisoning, and unauthorized access. - Implement cloud security controls for AWS environments and codify security policies through Infrastructure as Code. - Product Security - Embed security into our AI-powered products from the start, working closely with Product and R&D teams. - Design security architectures for AI/ML systems handling regulated data. - Conduct threat models and security architecture reviews across all engineering teams. - Design authentication and authorization architectures (SSO, OAuth/OIDC, RBAC/ABAC) and review third-party integrations. - Ensure GDPR/CCPA/EU AI Act compliance and integrate SAST/DAST into CI/CD pipelines. - Security Operations - Write production-quality code to build the detection logic and agentic observability platform that keeps Aily ahead of threats. - Design detection strategies against real attacker TTPs — from signal engineering to response workflows. - Build and operate an AI-native, agentic Security & Governance Observability Platform with autonomous agents that ingest telemetry, correlate signals, and execute responses. - Build data pipelines for security telemetry at scale and design intelligent automation that eliminates repetitive work. - Design incident response playbooks and automated remediation workflows across endpoint, cloud, and identity domains. - Corporate Security - Protect corporate infrastructure, ensure secure and well-architected business systems, and govern company-wide AI usage and agentic tooling. - Design and implement security controls for corporate infrastructure — MDM, identity management, endpoint security, and access control architectures. - Build security automation and tooling for compliance and policy enforcement across corporate systems. - Define and enforce policies for company-wide AI usage and agentic tooling — ensuring safe adoption, data boundaries, and governance guardrails. - Review and validate architectural decisions for business systems (HRIS, CRM, Finance, Legal, BI) from Security and Data Architecture perspectives. - Provide Enterprise Architecture governance — ensuring business systems meet security and architectural standards through review, patterns, and guidance. Qualifications - Software engineer who writes production-quality code to solve security problems — not just configure tools. - Strong systems thinking and ability to design at scale. - Cloud security experience (we use AWS) — Kubernetes, containers, cloud-native architectures. - AI-first mindset — you use AI tools daily and thrive in an AI-native environment. - Offensive security or red teaming background. - Clear communicator across technical and non-technical teams. Requirements - Platform Security: - DLP in production environments. - Securing data-intensive systems (data lakes, analytics, AI pipelines). - Building security platforms or governance tooling from scratch. - Product Security: - Privacy engineering (GDPR/CCPA). - Security architecture for AI/ML and regulated data. - Threat modeling · IAM (SSO, OAuth/OIDC, RBAC/ABAC). - Regulatory compliance (EU AI Act, HIPAA, SOX). - Security Operations: - Detection engineering against real TTPs. - Incident response or threat hunting. - Working with large-scale security telemetry. - Corporate Security: - Corporate Security systems (MDM, identity management, endpoint security). - Identity and access management (Okta, Entra ID, Azure AD). - Enterprise architecture review and governance. - AI usage governance and agentic tooling security. Benefits - Build security from the ground up at an AI-first company — our security platform is greenfield, not legacy. - Work where using AI to solve problems is expected and encouraged, not discouraged — we are building one of the most advanced agentic security capabilities in the industry. - Own your work end-to-end with real impact across the company, not just a narrow slice of a large team. - Enjoy the flexibility of remote work, continuous growth, and dedicated training resources to support your professional development.

Design, implementation, and management of our Identity and Access Management (IAM) solutions, ensuring the confidentiality, integrity, and availability of our organization's data and systems.