Software Engineer, Cloud Security Posture Management

Software Engineer, Cloud Security Posture Management

Oneleet | Full-time | Beaverton | Unknown

Oneleet is a security and compliance platform focused on making cybersecurity and compliance effective, easy, and painless. We monitor and manage cybersecurity programs to help achieve standards such as SOC 2 and ISO 27001. We are a seed-stage company that recently raised a $33 million Series A and are growing rapidly across customers and employees. We are looking for self-starters with a growth mindset who want to solve hard problems and make a real impact.

We value passionate self-starters with a growth mindset and a bias for action and personal accountability. If you love solving hard problems, thrive in ambiguity, and want to make a real impact, you’ll fit right in.

• Rebels with a cause — frustrated with the status quo and eager to disrupt it.
• Opinionated (but not obstinate) builders — decisive yet collaborative, who help us move fast.
• Clear communicators — who own their ideas and follow through.

Our mission is simple: make effective cybersecurity painless. If you’re ready to challenge the status quo and help shape the future of cybersecurity, we’d love to meet you.

As a security platform for startups, our CSPM product monitors cloud environments across AWS, GCP, and Azure to ensure customers are configured securely. We detect exposed storage buckets, verify encryption standards, identify overly permissive IAM policies, and track compliance with security frameworks.

You will extend and improve Oneleet's CSPM capabilities, working on cloud provider integrations, security policy development, and the design and implementation of cloud security monitoring features. You will build detection rules for new attack vectors and ensure our CSPM product scales as customers’ cloud footprints grow. You will work with vulnerability assessments, compliance scanning, configuration monitoring, and risk scoring systems.

As a seed-stage startup, you will collaborate with the founding team to understand business and customer needs and contribute to building the core technology powering the Oneleet platform.

• Build and maintain cloud provider integrations to discover resources, monitor configurations, and detect security risks across multi-cloud environments
• Develop security policies and detection rules to identify misconfigurations, compliance violations, and emerging threats
• Design systems that structure and validate diverse cloud data sources, handling inconsistent APIs and evolving cloud services
• Create comprehensive documentation for CSPM features, security findings, and remediation guidance
• Ensure reliable monitoring and alerting for both customer environments and our CSPM infrastructure
• Contribute to risk scoring algorithms and prioritization logic to help customers focus on critical issues
• Improve engineering standards, tooling, and processes

• Experience with strongly typed compiled languages like Go, Java, C#, C++, or Rust. Go experience preferred.
• 3+ years of development experience, ideally with a focus on backend APIs, integrations, or networking
• Experience with SQL
• Experience building, architecting, or maintaining SaaS platforms
• Experience integrating with REST APIs, implementing solutions based on documentation, or parsing data from sources like spreadsheets

• Bonus:
  Experience in the information security field
• Bonus:
  Knowledge of authentication methods like OAuth 2.0, OIDC, SAML and API security best practices
• Bonus:
  Experience with integration testing and debugging tools
• Bonus:
  Bachelor’s or Master’s degree in Computer Science or related field

• Making the world a more secure, privacy focused, and trusted place
• Automating processes that have a huge impact and save time for many companies at once including a large part of the YC startup community
• Autonomy and the ability to make change within the company
• Working with passionate engineers who care a lot about the product

At Oneleet, you’ll join a tight-knit team of rebels redefining the cybersecurity industry. We move fast, own our work, and challenge…