What You'll Do
- Build and optimize our event ingestion pipeline handling millions of events from distributed sensors.
- Design detection rules and correlation logic that identify exploitation patterns across event streams.
- Develop ClickHouse schemas and queries optimized for security event analysis and threat hunting.
- Implement gRPC services for sensor communication and internal microservices.
- Work on Kafka-style message processing for reliable event delivery and processing.
- Build APIs and tooling for security analysts to query and investigate runtime detections.
- Optimize system performance and resource utilization as data volumes scale.
What We're Looking For
- 5+ years of backend development experience building distributed systems.
- Strong Go proficiency, you've shipped production Go services at scale.
- Experience with high-throughput message systems (Kafka, Redpanda, NATS, Pulsar).
- ClickHouse or similar columnar database experience (Druid, TimescaleDB, BigQuery).
- Deep understanding of gRPC, protocol buffers, and service-to-service communication.
- Track record of optimizing performance in data-intensive applications.
- Comfort working with security concepts and detection logic.
Nice to Have
- Background in security tooling, SIEM, EDR, or threat detection platforms.
- Experience with stream processing frameworks (Flink, Kafka Streams).
- Kubernetes and containerized microservices deployment.
- Observability stack experience (Prometheus, Grafana).
- Understanding of security detection engineering and MITRE ATT&CK framework.
- Open source contributions to Go, Kafka, or ClickHouse ecosystems.
Our Stack
- Go for all backend services.
- gRPC for transport and service communication.
- Redpanda (Kafka-compatible) for event streaming.
- ClickHouse for event storage and analytical queries.
- Kubernetes for deployment.
- Microservices architecture with containerized workloads.