Job Description
<p><p><b>Job Role Overview :</b></p><p><br/> We're building a modern, cloud-native, AI-first platform that continuously evaluates entity cyber risk, streamlines due diligence, quantifies exposure, and drives remediation at scale.<br/><br/> We are looking for an architect who can take this product from concept to scalable reality, owning the end-to-end architecture, guiding implementation, and mentoring a high-performing engineering <b>You'll Do :</b></p><p><br/> - Own the product architecture for a multi-tenant, enterprise-grade SaaS: domain modelling, service decomposition, data design, and integration strategy.</p><br/> - Define the technical roadmap and reference architectures across ingestion, scoring, assessments, evidence management, workflows, analytics, and ecosystem integrations.<br/><br/> - Lead hands-on development of core services (you will code), establishing patterns for resilience, cost efficiency, security, and operability (SLOs, SLIs, SLAs).<br/><br/> - Design a continuous monitoring engine that ingests external signals (attack surface exposure/hygiene checks, vulnerability and breach intel) and internal evidence to generate risk scores and alerts.<br/><br/> - Own data architecture: OLTP for workflows, streaming pipelines for signals, analytical stores for reporting, and governance for lineage, retention, and residency.<br/><br/> - Assessment & workflow engine: questionnaire authoring/versioning, branching logic, scoring, evidence collection, exceptions, remediation SLAs, and approvals.<br/><br/> - Risk modelling: design a defensible vendor risk scoring model (configurable weights/decay), control effectiveness mapping, and portfolio-level analytics.<br/><br/> - Integration strategy: build a connector framework/SDK for ticketing, GRC, SIEM/SOAR, ITSM, procurement/vendor portals, identity providers, and major cloud platforms.<br/><br/> - Mentor & elevate engineers: establish coding standards, review designs/PRs, and grow a pragmatic engineering culture 
focused on outcomes.<br/><br/> - Partner with Product & UX to translate customer needs into resilient technical designs; validate through prototypes and iterative <b>You'll Need :</b><br/><br/> - 8-10 years of professional software engineering with 3 years as an architect/principal/lead for multi-tenant enterprise SaaS.<br/><br/> - Shipped platforms from zero-to-one through scale-up (thousands of tenants, multi-region).<br/><br/> - Meaningful experience in security, risk, or compliance products (assessments, workflows, analytics, evidence/audit features).<br/><br/> - Proven track record designing event-driven architectures (microservices or well-structured modular monoliths with clear bounded contexts).<br/><br/> - Delivered systems with 99.9%+ availability, sensible RTO/RPO, and the right mix of strong vs. eventual consistency.<br/><br/> - Led cross-functional initiatives with Product, Security, SRE, and Data teams and stayed hands-on for critical <b>Skills And Experience :</b></p><p><br/><p><b>Back-end & Services :</b><br/> - Primary language: Go plus Python/Node.js familiarity for data tasks/tooling.</p></p> <br/> - APIs: REST/GraphQL/gRPC; async messaging (Kafka/Pulsar/SQS); idempotency and retry/backoff patterns.<br/><br/> - Patterns: DDD, CQRS/Event Sourcing (where justified), sagas/orchestration, circuit breakers, bulkheads.<br/><br/> <b>Data & Analytics :</b></p><p><b><br/></b></p><p>- Relational (PostgreSQL/MySQL) for core domains; NoSQL (e.g., DynamoDB/Firestore) where appropriate; Redis for caching.<br/><br/> - Streaming & ETL (Kafka Connect/Flink/Spark or equivalents).<br/><br/> - Search (OpenSearch/Elasticsearch), time-series (Prometheus/ClickHouse/Timescale), and columnar warehouses (BigQuery/Redshift/Snowflake).<br/><br/> - Modeling for questionnaires/evidence, findings/controls, and relationships (graph DB familiarity is a plus).<br/><br/>- Building assessment engines (templating, branching logic, scoring), evidence collection & 
validation, and remediation workflows.<br/><br/> - Continuous monitoring of external signals: exposure discovery, configuration posture, breach/leak indicators, attack-surface hygiene.<br/><br/> - Risk models: weighted scoring, decay functions, confidence intervals; mapping to control frameworks (e.g., ISO 27001, NIST CSF/800-53, SOC 2, PCI DSS, HIPAA).<br/><br/> - Reporting & analytics for executives and regulators: portfolio heatmaps, trends, quantified summaries.<br/><br/> <b>LLM/Agentic AI :</b><br/><br/> - Experience with agentic/automation patterns for triage/remediation; LLM-assisted evidence summarization with guardrails and red-teaming for cybersecurity-related use cases.</p><br/></p> (ref:hirist.tech)