We are hiring a Senior Software Developer to lead the development of our internal malware research platform. This is a senior, hands-on role with end-to-end ownership of development and delivery. You'll be the technical authority - setting code-quality standards, making the architecture calls, and mentoring the developer team.
What makes this role different is who you build for. Our users are our malware researchers, and they use the tool every day. Your job is to sit beside them, learn how they actually work, surface the heuristics and edge cases they carry in their heads, and build agentic tooling that compounds their productivity. The bar isn't "does it ship" - it's "do the researchers reach for it every day." Success is measured in researcher adoption and time saved, not features merged.
Agentic workflows are core to how we build. You should be fluent using them and confident designing systems where agents run in production - with clear judgment about where an agent earns its keep versus where deterministic code or a human-in-the-loop is the right call.
What You'll Do
Lead development and deliveryף
Own technical execution end-to-end: implementation, code review, and release.
Translate research workflows and feature requests into well-scoped tasks with realistic, risk-aware estimates the team can plan against.
Manage day-to-day execution: unblock people, sequence work, catch problems early.
Set and defend the technical bar: review rigor, testing discipline, documentation, architectural consistency.
Partner with the researchers - and amplify them:
Embed with malware researchers to understand their workflow and capture the tacit knowledge and edge cases no spec ever wrote down.
Translate that knowledge into reliable agentic tooling - and know when an agent is confidently wrong before it ever reaches a researcher.
Spend roughly 5-10% of your time doing actual malware research (with structured onboarding) to stay close to how the tool is used.
Be willing to tell a researcher when a proposed workflow won't automate well - and explain why.
Be the technical authority and mentor:
Make the hard architecture and design trade-off calls.
Mentor through code review, pairing, and design discussions. Raise the level of everyone around you.
Dive deep on the critical, difficult features and bug fixes yourself.
Design agentic workflows into the architecture from the start, and build the evaluations and guardrails that keep them trustworthy.
Requirements: Must-have
5+ years of software development experience, with a track record of delivering products to production - not just prototypes or POCs.
Strong Python, including async (asyncio), modern typing, and a disciplined testing approach (pytest).
Hands-on Playwright experience in production - not one-off scripts.
Production experience with agentic workflows: building, deploying, and operating LLM-powered systems that plan, call tools, and execute multi-step tasks - using a modern agent framework (e.g., LangGraph, the Anthropic Claude Agent SDK, the OpenAI Agents SDK, or DSPy).
Experience building evaluations and guardrails to measure agent quality and catch regressions before they reach a user (e.g., MLflow GenAI evaluation & tracing, LangSmith, or Braintrust).
Proven experience leading development efforts: estimation, task breakdown, code review, and mentoring.
Experience building tools used internally by expert users (vs. external end-user products), or a clear instinct for the difference.
Nice to have:
Background in cybersecurity, malware research, threat intelligence, or an adjacent security domain.
Experience with reverse-engineering tools, sandboxes, or malware-analysis pipelines.
RAG and retrieval pipelines (indexing, reranking, grounding) and a vector store (e.g., pgvector).
Cloud-native infrastructure (AWS, Kubernetes), containers (Docker), CI/CD (GitHub Actions), and observability stacks (OpenTelemetry, Grafana / Coralogix or equivalent).
This position is open to all candidates.