Were building a modern, cloud-native AI first platform that continuously evaluates entity cyber risk, streamlines due diligence, quantifies exposure, and drives remediation at scale.

We are looking for an architect who can take this product from concept to scalable realityowning the end-to-end architecture, guiding implementation, and mentoring a high-performing engineering team.

What Youll DO :

- Own the product architecture: for a multi-tenant, enterprise-grade SaaS: domain modelling, service decomposition, data design, and integration strategy.

- Define the technical roadmap: and reference architectures across ingestion, scoring, assessments, evidence management, workflows, analytics, and ecosystem integrations.

- Lead hands-on development: of core services (you will code), establishing patterns for resilience, cost efficiency, security, and operability (SLOs, SLIs, SLAs).

- Design a continuous monitoring engine: that ingests external signals (attack surface exposure/hygiene checks, vulnerability and breach intel) and internal evidence to generate risk scores and alerts.

- Own data architecture: OLTP for workflows, streaming pipelines for signals, analytical stores for reporting, and governance for lineage, retention, and residency.

- Assessment & workflow engine: questionnaire authoring/versioning, branching logic, scoring, evidence collection, exceptions, remediation SLAs, and approvals.

- Risk modelling: design a defensible vendor risk scoring model (configurable weights/decay), control effectiveness mapping, and portfolio-level analytics.

- Integration strategy: build a connector framework/SDK for ticketing, GRC, SIEM/SOAR, ITSM, procurement/vendor portals, identity providers, and major cloud platforms.

- Mentor & elevate engineers: establish coding standards, review designs/PRs, and grow a pragmatic engineering culture focused on outcomes.

- Partner with Product & UX to translate customer needs into resilient technical designs; validate through prototypes and iterative delivery.

What Youll Need :

- 8-10 years of professional software engineering with 3 years as an architect/principal/lead for multi-tenant enterprise SaaS.

- Shipped platforms from zero-to-one through scale-up (thousands of tenants, multi-region).

- Meaningful experience in security, risk, or compliance products (assessments, workflows, analytics, evidence/audit features).

- Proven track record designing event-driven architectures (microservices or well-structured modular monoliths with clear bounded contexts).

- Delivered systems with 99.

9%+ availability, sensible RTO/RPO, and the right mix of strong vs.

eventual consistency.

- Led cross-functional initiatives with Product, Security, SRE, and Data teams and stayed hands-on for critical services.

Knowledge, Skills And Experience :

Back-end & Services :
- Primary language: Go plus Python/Node.js familiarity for data tasks/tooling.

- APIs: REST/GraphQL/gRPC; async messaging (Kafka/Pulsar/SQS); idempotency and retry/backoff patterns.

- Patterns: DDD, CQRS/Event Sourcing (where justified), sagas/orchestration, circuit breakers, bulkheads.

Data & Analytics :

- Relational (PostgreSQL/MySQL) for core domains; NoSQL (e.g , DynamoDB/Firestore) where appropriate; Redis for caching.

- Streaming & ETL (Kafka Connect/Flink/Spark or equivalents).

- Search (OpenSearch/Elasticsearch), time-series (Prometheus/ClickHouse/Timescale), and columnar warehouses (BigQuery/Redshift/Snowflake).

- Modeling for questionnaires/evidence, findings/controls, and relationships (graph DB familiarity is a plus).

- Building assessment engines (templating, branching logic, scoring), evidence collection & validation, and remediation workflows.

- Continuous monitoring of external signals: exposure discovery, configuration posture, breach/leak indicators, attack-surface hygiene.

- Risk models: weighted scoring, decay functions, confidence intervals; mapping to control frameworks (e.g , ISO 27001, NIST CSF/800-53, SOC 2, PCI DSS, HIPAA).

- Reporting & analytics for executives and regulators: portfolio heatmaps, trends, quantified summaries.

LLM/Agentic AI :

- Experience with Agentic/automation patterns for triage/remediation; LLM-assisted evidence summarization with guardrails and red-teaming for cybersecurity-related use cases.