Software Engineer, Cloud Security Posture Management

About Oneleet

Oneleet is one of the fastest-growing security and compliance platforms in history. We are on a mission to change the compliance and security industry by making cybersecurity and compliance effective, easy, and painless. We provide a platform that helps companies build, manage, and monitor their cybersecurity programs and achieve compliance standards such as SOC 2 and ISO 27001 efficiently, without cutting corners.

Having just raised a $33 million Series A, we are rapidly growing in customers and employees. Our team has decades of experience in security and compliance. Join our team of opinionated rebels and help us build a category-defining company reshaping the broken and fragmented compliance and cybersecurity industry.

Who we’re looking for:

We value passionate self-starters with a growth mindset and a bias for action and personal accountability. If you love solving hard problems, thrive in ambiguity, and want to make a real impact, you’ll fit right in.

We’re especially drawn to:

• Rebels with a cause — frustrated with the status quo and eager to disrupt it.

• Opinionated (but not obstinate) builders — decisive yet collaborative, who help us move fast.

• Clear communicators — who own their ideas and follow through.

Our mission is simple: make effective cybersecurity painless. We believe cybersecurity should empower, not burden. This belief unites our team and drives every decision we make.

If you’re ready to challenge the status quo and help shape the future of cybersecurity, we’d love to meet you.

As a security platform for startups, our CSPM product monitors cloud environments across AWS, GCP, and Azure to ensure customers are configured securely. For example, we detect exposed storage buckets, verify encryption standards, identify overly permissive IAM policies, and track compliance with security frameworks.

You will extend and improve Oneleet's CSPM capabilities, working on everything from cloud provider integrations to security policy development. You'll contribute to the design and implementation of cloud security monitoring features, build detection rules for new attack vectors, and ensure our CSPM product scales reliably as customers' cloud footprints grow. You'll work with various security solutions including vulnerability assessments, compliance scanning, configuration monitoring, and risk scoring systems.

As a seed stage startup, you'll have the opportunity to collaborate with the founding team to understand business/customer needs and contribute to building the core technology that powers the Oneleet platform.

Key Responsibilities:

• Build and maintain cloud provider integrations to discover resources, monitor configurations, and detect security risks across multi-cloud environments

• Develop security policies and detection rules to identify misconfigurations, compliance violations, and emerging threats

• Design systems that structure and validate diverse cloud data sources, handling inconsistent APIs and evolving cloud services

• Create comprehensive documentation for CSPM features, security findings, and remediation guidance

• Ensure reliable monitoring and alerting for both customer environments and our own CSPM infrastructure

• Contribute to risk scoring algorithms and prioritization logic to help customers focus on critical issues

• Improve engineering standards, tooling, and processes

Qualifications:

• Experience with strongly typed compiled languages like Go, Java, C#, C++, or Rust. We strongly prefer Go experience.

• 3+ years of development experience, ideally with a focus on backend APIs, integrations, or networking

• Experience with SQL

• Experience building, architecting, or maintaining SaaS platforms

• Experience integrating with REST APIs, implementing solutions based on documentation, or parsing data from sources like spreadsheets

  Bonus: Experience in the information security field

• Bonus: Knowledge of authentication methods like OAuth 2.0, OIDC, SAML and API security best practices

• Bonus: Experience with integration testing and debugging tools

• Bonus: Bachelor's or Master's degree in Computer Science or related field

You should apply if any of the following excite you:

• Making the world a more secure, privacy focused, and trusted place.

• Automating processes that have a huge impact and save time for many companies at once including a large part of the YC startup community.

• Autonomy and the ability make change within the company.

• Working with passionate engineers who care a lot about the product.

Why Oneleet?

At Oneleet, you’ll join a tight-knit team of rebels redefining the cybersecurity industry. We move fast, own our work, and challenge outdated models to make security effortless and effective for companies.

Here’s what makes us special:

• We value impact over titles, autonomy over micromanagement, and clarity over jargon.

• You’ll tackle meaningful, hard problems with real-world consequences.

• You’ll work with smart, kind, and ambitious teammates who lift each other up.

Perks & Benefits

• Comprehensive health & welless benefits

• Competitive comp & equity

• Generous PTO, including floating holidays to honor what matters most to you

• Flexible, remote work culture

• Quarterly off-sites to cool places (Amsterdam, Italy, etc).

Remote-First & Global Hiring

We’re a remote-first company and hire globally in regions where we can legally engage talent—either directly or via our employer-of-record (PEO) partner. If you’re based outside the U.S., we’ll explore the most compliant hiring arrangement for your location.

U.S. Hiring & E-Verify

For U.S.-based candidates, Oneleet participates in E-Verify to confirm employment eligibility, in accordance with federal regulations.