Software Engineer and Security Researcher (Cybersecurity)

Software Engineer and Security Researcher
#job #vacancy #engineer #remote

Location: Belarus
Format: full-time
B2B contract

Commit Offshore is a software development and IT recruitment company that connects skilled engineering talent with innovative international startups and technology companies. We help clients build high-performing remote teams across software development, cloud, AI, cybersecurity, and product engineering.

We're hiring a Software Engineer and Security Researcher to help build our top-tier cybersecurity product. This is a hybrid role by design: a strong software engineer who also brings a deep cybersecurity background. Strong engineering velocity is how features get shipped; serious security expertise is how those features get shipped right. You should have an understanding of how attackers and defenders actually operate. The product space is CSPM/CNAPP-related, but extends beyond it. Expect to work across cloud posture, identity, attack paths, prioritization, detection, and adjacent areas as the product evolves. The pace is high. AI is part of how we work, every day.


Requirements
5+ years as a software engineer. You design systems, write production code, reason about reliability and edge cases, and own delivery end-to-end.

Strong cybersecurity foundation. You understand threats, controls, identity, cloud risk, and why a “finding” is or isn’t worth a customer’s attention. This is what makes your feature decisions land.

Hands-on experience developing with AI / AI-driven development. You have meaningfully shipped work where coding agents, LLM tools, or in-IDE AI assistants were a core part of how you built it. You can speak in detail about what worked, what didn’t, and how you got real leverage out of these tools.

Experience with at least one major cloud platform (AWS preferred; Azure or GCP also valid).

Comfortable operating at high pace: small batches, fast iteration, willingness to cut scope to ship, calm under pressure.

Strong communication: you can explain engineering and security tradeoffs to both technical and non-technical stakeholders

Nice to Have

Experience building CSPM/CNAPP products, cloud security detection/analytics pipelines, or other top-tier security products.

Experience building or fine-tuning AI-powered developer workflows: custom agents, pipelines, evals, internal AI tooling, prompt frameworks.

Familiarity with cloud telemetry/log sources and correlating security signals across configuration, identity, and activity.

Infrastructure-as-Code (e.g., Terraform) and cloud-native development experience.

Prior security research background: vulnerability research, threat research, or detection engineering.


📩 if interested, please send your CV to: Показать контакты