About the Product :

QuantShield is an enterprise-grade security scanning platform that provides comprehensive vulnerability detection, cryptographic asset management, and compliance monitoring for containerized applications. The platform includes real-time scanning, CBOM (Crypto Bill of Materials) generation, HSM/KMS integrations, and policy-based compliance validation.

Role Overview :

We are seeking a Senior Python Backend Security Engineer to design, maintain, and enhance our FastAPI-based backend systems. This role focuses heavily on backend architecture, API development, database optimization, vulnerability scanning logic, and infrastructure reliability.

Key Responsibilities :

Backend Development :

- Maintain and enhance Python 3.11+ backend services built with FastAPI

- Design and implement scalable RESTful APIs

- Develop new vulnerability scanning and detection logic

- Optimize SQLAlchemy models and PostgreSQL queries

- Implement background jobs and real-time processing features

- Write unit, integration, and performance tests

Security Engineering (Backend-Focused) :

- Implement secure authentication flows (OAuth2, OIDC, JWT)

- Enforce secure coding practices and OWASP standards

- Integrate vulnerability databases (CVE, NVD feeds)

- Work with OPA (Open Policy Agent) for policy validation

- Implement secure API validation and request handling

DevOps & Infrastructure :

- Maintain Dockerized services and multi-container environments

- Manage Kubernetes/K3s deployments

- Optimize PostgreSQL configuration and performance

- Implement CI/CD pipelines using Jenkins or GitHub Actions

- Monitor application health and logging

Required Skills :

Backend & Programming :

- Advanced Python (FastAPI, SQLAlchemy, Pydantic)

- Strong PostgreSQL expertise (indexes, query optimization, migrations)

- REST API design and OpenAPI documentation

- WebSockets for real-time features

- Git and branching strategies

DevOps :

- Docker & Docker Compose

- Kubernetes & Helm

- Jenkins or GitHub Actions

- Linux CLI and shell scripting

Security Knowledge :

- Understanding of OAuth2, OIDC, JWT

- Familiarity with OWASP Top 10

- Experience with vulnerability scanning tools (Trivy, Grype, etc.)

Nice to Have :

- Experience building security scanning tools

- Knowledge of SBOM/CBOM standards

- Familiarity with compliance frameworks (SOC2, ISO 27001, PCI-DSS)

- Experience with Go or Rust

Experience Requirements :

- 4+ years backend/full-stack development

- 2+ years working on security-related systems

- Bachelor's degree in Computer Science or equivalent experience