About Cyble

Cyble is revolutionizing the landscape of cybersecurity intelligence. Founded in 2019, Cyble began as a visionary college project and has quickly transformed into a leading force in proactive cyber threat detection and mitigation, that is now globally significant, with people in 20 countries - Headquartered in Alpharetta, Georgia, and with offices in Australia, Malaysia, Singapore, Dubai, Saudi Arabia and India

Our mission is clear: to provide visibility, intelligence and cybersecurity protection using cutting-edge advanced technology, giving enterprises a powerful advantage. We democratize real-time intelligence about cyber threats and vulnerabilities, enabling organizations to take proactive measures and maintain robust cybersecurity. We strive to make the digital world a safer place for everyone.

At Cyble, artificial intelligence (AI) and innovation are central to all operations, with a commitment to continuous improvement and excellence in both products and business practices. Cyble values inclusivity, offering team members autonomy and flexibility to balance their professional and personal lives. Cyble fosters a culture where employees voices are heard, contributions are recognized, and everyone is encouraged to be part of something extraordinary. To learn more about Cyble, visit www.cyble.com.

Job Role Overview

We’re building a modern, cloud-native AI first platform that continuously evaluates entity cyber risk, streamlines due diligence, quantifies exposure, and drives remediation at scale. We are looking for an architect who can take this product from concept to scalable reality—owning the end-to-end architecture, guiding implementation, and mentoring a high-performing engineering team.

What You’ll DO

• Own the product architecture: for a multi-tenant, enterprise-grade SaaS: domain modelling, service decomposition, data design, and integration strategy.
• Define the technical roadmap: and reference architectures across ingestion, scoring, assessments, evidence management, workflows, analytics, and ecosystem integrations.
• Lead hands-on development: of core services (you will code), establishing patterns for resilience, cost efficiency, security, and operability (SLOs, SLIs, SLAs).
• Design a continuous monitoring engine: that ingests external signals (attack surface exposure/hygiene checks, vulnerability and breach intel) and internal evidence to generate risk scores and alerts.
• Own data architecture: OLTP for workflows, streaming pipelines for signals, analytical stores for reporting, and governance for lineage, retention, and residency.
• Assessment & workflow engine: questionnaire authoring/versioning, branching logic, scoring, evidence collection, exceptions, remediation SLAs, and approvals.
• Risk modelling: design a defensible vendor risk scoring model (configurable weights/decay), control effectiveness mapping, and portfolio-level analytics.
• Integration strategy: build a connector framework/SDK for ticketing, GRC, SIEM/SOAR, ITSM, procurement/vendor portals, identity providers, and major cloud platforms.
• Mentor & elevate engineers: establish coding standards, review designs/PRs, and grow a pragmatic engineering culture focused on outcomes.
• Partner with Product & UX to translate customer needs into resilient technical designs; validate through prototypes and iterative delivery.
  
  

What You’ll Need

• 8-10 years of professional software engineering with 3 years as an architect/principal/lead for multi-tenant enterprise SaaS.
• Shipped platforms from zero-to-one through scale-up (thousands of tenants, multi-region).
• Meaningful experience in security, risk, or compliance products (assessments, workflows, analytics, evidence/audit features).
• Proven track record designing event-driven architectures (microservices or well-structured modular monoliths with clear bounded contexts).
• Delivered systems with 99.9%+ availability, sensible RTO/RPO, and the right mix of strong vs. eventual consistency.
• Led cross-functional initiatives with Product, Security, SRE, and Data teams and stayed hands-on for critical services.
  
  

Knowledge, Skills And Experience

Back-end & Services

• Primary language: Go plus Python/Node.js familiarity for data tasks/tooling.
• APIs: REST/GraphQL/gRPC; async messaging (Kafka/Pulsar/SQS); idempotency and retry/backoff patterns.
• Patterns: DDD, CQRS/Event Sourcing (where justified), sagas/orchestration, circuit breakers, bulkheads.
  
  

Data & Analytics

• Relational (PostgreSQL/MySQL) for core domains; NoSQL (e.g., DynamoDB/Firestore) where appropriate; Redis for caching.
• Streaming & ETL (Kafka Connect/Flink/Spark or equivalents).
• Search (OpenSearch/Elasticsearch), time-series (Prometheus/ClickHouse/Timescale), and columnar warehouses (BigQuery/Redshift/Snowflake).
• Modeling for questionnaires/evidence, findings/controls, and relationships (graph DB familiarity is a plus).
  
  

Domain Expertise (Vendor/Supplier Risk Monitoring, Attack Surface Management & GRC Compliance) will be a big advantage

• Building assessment engines (templating, branching logic, scoring), evidence collection & validation, and remediation workflows.
• Continuous monitoring of external signals: exposure discovery, configuration posture, breach/leak indicators, attack-surface hygiene.
• Risk models: weighted scoring, decay functions, confidence intervals; mapping to control frameworks (e.g., ISO 27001, NIST CSF/800-53, SOC 2, PCI DSS, HIPAA).
• Reporting & analytics for executives and regulators: portfolio heatmaps, trends, quantified summaries.
  
  

LLM / Agentic AI

• Experience with Agentic/automation patterns for triage/remediation; LLM-assisted evidence summarization with guardrails and red-teaming for cybersecurity-related use cases.