Join our team and build your career with us
Bright Security is a rapidly growing global SaaS B2B company tackling some of the biggest challenges in Application Security. Bright’s enterprise-grade, dev-centric Dynamic Application Security Testing (DAST) platform provides comprehensive application testing from development to production and cloud, offering detailed vulnerability proof and remediation guidelines throughout the SDLC. Our solution accelerates issue awareness remediation from a 12-week average to same-day discovery.
About the product
The company is developing a SaaS product that empowers Application Security & Development teams to find and fix vulnerabilities iteratively at every step in the SDLC, without slowing them down.
Position
In this role, you will be part of our core Exploitation R&D team and report to the Engineering Director.
We’re looking for a strong backend engineer with a founder mindset who is passionate about application security and web vulnerabilities, and who can also provide leadership and drive execution with other engineers.
You’ll work in a global team of backend engineers and security researchers across Israel and Europe.
Sphere of operation: Application Security Testing
Key Responsibilities:
Maintain and improve existing attacks to achieve high performance, low false-positive rate, and low missed-findings rate.
Implement new attacks to detect more critical vulnerabilities for customers.
Improve performance and detect bottlenecks in backend components.
Build and enhance recovery mechanisms for backend processes.
Write and maintain unit, integration, and E2E tests.
Drive engineering standards, code quality, and delivery excellence across the team.
Mentor engineers through code reviews, feedback, and day-to-day collaboration.
Help break down projects into clear, executable milestones and ensure consistent execution.
Collaborate closely with product and security stakeholders to align technical work with business goals.
Contribute directly to architecture, reliability, and product impact as a hands-on engineer.
Stack or technologies and architecture:
Core engine: Crystal
Other microservices: Go and Node.js (TypeScript)
Infrastructure & tooling: AWS, CI/CD, PostgreSQL / NoSQL, Git, Docker
This role is intentionally multi-stack: development language and technology will vary based on product and team needs.
Qualifications:
5+ years of backend engineering experience, including at least 1 year in a senior-level role.
Strong hands-on coding and system design skills.
Solid knowledge of OOP, design patterns, algorithms, and computational complexity.
Experience with software testing approaches (TDD is a strong plus).
Deep understanding of concurrency concepts: async I/O, multithreading, multiprocessing.
Deep understanding of web fundamentals: HTTP, REST.
Experience with CI/CD tools (e.g., GitHub Actions, Jenkins).
Fluent English.
Leadership experience, or clear readiness to take ownership and lead engineering initiatives.
Nice to Have:
Application security experience (especially web vulnerabilities, OWASP Top 10).
Experience with Docker, Kubernetes, and configuration management tools.
Continuous delivery and modern DevOps practices.
Performance analysis and optimization.
Cloud platforms (AWS, GCP, Azure).
Browser Extensions API.
Experience building and operating AI/LLM pipelines for decision-making and data processing.
Benefits:
Competitive pay
Remote position
Paid vacation (18 days a year), state holidays and sick leave
World-class security experts changing the world of application and API security. Do it with us.
A diverse and inclusive workplace. Bright Security is an equal-opportunity employer and our team is composed of individuals from many diverse backgrounds, lifestyles, and locations.
