Software Engineer, Cloud Security Posture Management

About Oneleet:

Oneleet is on a mission to revolutionize the industry. We make cybersecurity easy, effective, and painless through a comprehensive platform that helps companies build, manage, and monitor their cybersecurity programs.

Backed by Y Combinator (S22) and top-tier VCs, our founding team brings over a decade of penetration testing and cybersecurity experience. Join our remote-first crew of opinionated rebels building a category-defining company to fix a broken, fragmented industry.

Who we’re looking for:

We value passionate self-starters with a growth mindset and a bias for action and personal accountability. If you love solving hard problems, thrive in ambiguity, and want to make a real impact, you’ll fit right in.

We’re especially drawn to:

• Rebels with a cause — frustrated with the status quo and eager to disrupt it.

• Opinionated (but not obstinate) builders — decisive yet collaborative, who help us move fast.

• Clear communicators — who own their ideas and follow through.

Our mission is simple: make effective cybersecurity painless. We believe cybersecurity should empower, not burden. This belief unites our team and drives every decision we make.

If you’re ready to challenge the status quo and help shape the future of cybersecurity, we’d love to meet you.

As a security platform for startups, our CSPM product monitors cloud environments across AWS, GCP, and Azure to ensure customers are configured securely. For example, we detect exposed storage buckets, verify encryption standards, identify overly permissive IAM policies, and track compliance with security frameworks.

You will extend and improve Oneleet's CSPM capabilities, working on everything from cloud provider integrations to security policy development. You'll contribute to the design and implementation of cloud security monitoring features, build detection rules for new attack vectors, and ensure our CSPM product scales reliably as customers' cloud footprints grow. You'll work with various security solutions including vulnerability assessments, compliance scanning, configuration monitoring, and risk scoring systems.

As a seed stage startup, you'll have the opportunity to collaborate with the founding team to understand business/customer needs and contribute to building the core technology that powers the Oneleet platform.

Key Responsibilities:

• Build and maintain cloud provider integrations to discover resources, monitor configurations, and detect security risks across multi-cloud environments

• Develop security policies and detection rules to identify misconfigurations, compliance violations, and emerging threats

• Design systems that structure and validate diverse cloud data sources, handling inconsistent APIs and evolving cloud services

• Create comprehensive documentation for CSPM features, security findings, and remediation guidance

• Ensure reliable monitoring and alerting for both customer environments and our own CSPM infrastructure

• Contribute to risk scoring algorithms and prioritization logic to help customers focus on critical issues

• Improve engineering standards, tooling, and processes

Qualifications:

• Experience with strongly typed compiled languages like Go, Java, C#, C++, or Rust. We strongly prefer Go experience.

• 3+ years of development experience, ideally with a focus on backend APIs, integrations, or networking

• Experience with SQL

• Experience building, architecting, or maintaining SaaS platforms

• Experience integrating with REST APIs, implementing solutions based on documentation, or parsing data from sources like spreadsheets

  Bonus: Experience in the information security field

• Bonus: Knowledge of authentication methods like OAuth 2.0, OIDC, SAML and API security best practices

• Bonus: Experience with integration testing and debugging tools

• Bonus: Bachelor's or Master's degree in Computer Science or related field

You should apply if any of the following excite you:

• Making the world a more secure, privacy focused, and trusted place.

• Automating processes that have a huge impact and save time for many companies at once including a large part of the YC startup community.

• Autonomy and the ability make change within the company.

• Working with passionate engineers who care a lot about the product.

Why Oneleet?

At Oneleet, you’ll join a tight-knit team of rebels redefining the cybersecurity industry. We move fast, own our work, and challenge outdated models to make security effortless and effective for companies.

Here’s what makes us special:

• We value impact over titles, autonomy over micromanagement, and clarity over jargon.

• You’ll tackle meaningful, hard problems with real-world consequences.

• You’ll work with smart, kind, and ambitious teammates who lift each other up.

Perks & Benefits

• Comprehensive health & welless benefits

• Competitive comp & equity

• Generous PTO, including floating holidays to honor what matters most to you

• Flexible, remote work culture

• Quarterly off-sites to cool places (Amsterdam, Italy, etc).

Remote-First & Global Hiring

We’re a remote-first company and hire globally in regions where we can legally engage talent—either directly or via our employer-of-record (PEO) partner. If you’re based outside the U.S., we’ll explore the most compliant hiring arrangement for your location.

U.S. Hiring & E-Verify

For U.S.-based candidates, Oneleet participates in E-Verify to confirm employment eligibility, in accordance with federal regulations.