Senior Backend Engineer - Container Scanning & Security

Who we are

Endor Labs is on a mission to enhance developer productivity and accelerate open-source software adoption by reducing the time teams spend addressing security issues. Our approach and vision are encapsulated in our Founder & CEO's pitch, which can be viewed here: 3-minute pitch.

Recognized as a Gartner Cool Vendor, a RSA Innovation Sandbox finalist, and a Black Hat Innovation Spotlight finalist within just a year of launching, Endor Labs is at the forefront of cloud security innovation. Founded by Varun Badhwar and Dimitri Stiliadis, leaders with a proven track record in creating category-defining cloud security companies, we have successfully raised $70M in Series A funding. Our team comprises the world's leading experts in static analysis and enterprise software, all united in our goal to transform how development and AppSec teams operate

What you’ll do

• Design, develop, and maintain a container security scanning solution that generates Software Bill of Materials (SBOM) and identifies vulnerabilities.
• Implement container image analysis to extract dependencies from package managers.
• Work on container signing and provenance tracking
• Be part of dependency resolution development team working on a distributed, microservices-based system.
• Build and own features end-to-end including unit and integration tests.
• Have the autonomy and the responsibility to design and implement quality features that will be used by customers.
• Use best practices of observability to ensure that the product and the platform have the best reliability and availability for our customers.
• Generate comprehensive SBOMs for container images

What we're looking for

• Expert knowledge of container technologies and container security
• Bachelor's degree in engineering with at least 5 years of experience in building scalable platforms for product/SaaS companies
• Previous experience building security tooling
• At least 3 years of experience in Golang programming with a focus on microservices/distributed architecture.
• Practical experience designing APIs with one or more frameworks (gRPC [preferred], ReST, GraphQL, Thrift, etc.).
• Ability to build and design technical solutions from scratch. Your code and documentation will be an example of coding best practices at Endor Labs.
• Able to work in a fast-paced environment with evolving requirements.
• Ability to solve problems creatively and independently when in uncharted or unfamiliar territory.
• Practical experience in troubleshooting distributed systems and the ability to identify root causes.
• Comfortable with performing and receiving code reviews, providing constructive feedback, and maintaining code quality.
• Ability to collaborate effectively within a team and with cross-functional teams

Nice to have

• Security certifications (CSSLP, CISSP, or equivalent)
• Open Source Contribution: Previous experience contributing to open-source security projects or maintaining open-source libraries.
• Experience implementing secure software development lifecycle (SSDLC)

At Endor Labs, we:

• Strive for excellence in everything we do, prioritizing quality, speed, and impactful outcomes.
• Engage in first principles thinking to debate ideas, test assumptions, and make decisions.
• Put data above opinions, seeking truth and clarity in all our endeavors.
• Embrace a culture of feedback and continuous improvement, assuming good intent in all interactions.
• Celebrate wins as a team, understanding that our collective success is intertwined with the success of our customers.