Job Openings Lead Engineer (Cyber security)

About the job Lead Engineer (Cyber security)

Lead Engineer (Cyber security)

Our client is an AI security platform that acts as a security gateway between AI agents and databases. As companies increasingly allow AI agents to interact directly with systems and data, our client helps prevent sensitive data exposure, destructive queries, compliance violations and operational mistakes. The platform inspects and controls database interactions in real time through policy enforcement, threat detection and comprehensive audit logging. The product is already built and operational, and the business is now entering its next phase of platform hardening, product acceleration and go-to-market execution.

  

Role Overview

This is a founding-level technical leadership role with significant ownership and equity participation. The Lead Engineer will take ownership of the production codebase, work closely with the founder and play a key role in hardening, scaling and extending the platform.

 

Overall Candidate Profile

Our client is looking for high-calibre, self-starting individuals who can operate with full ownership in a founder-led, early-stage environment. The successful candidates should be motivated, pragmatic, ambitious and comfortable working closely with the founder during an intensive build-and-launch phase.

  • Strong ownership mentality with the ability to work independently without constant direction.
  • High integrity, sound judgement and a practical problem-solving approach.
  • Comfortable in a lean startup environment where priorities can move quickly.
  • Able to contribute strategically while also remaining hands-on and execution focused.
  • Preference for a small number of exceptional, carefully vetted candidates over a high-volume shortlist.

  

Job Type: Full Time/Independent Contractor 

Location: Cape Town

Work Place: Onsite

  

Requirements

  • 8+ years of software engineering experience.

  • Strong TypeScript, Node.js and Python experience.

  • Solid PostgreSQL knowledge, including the ability to work with complex database interactions.

  • Experience with authentication, OAuth, API integrations and secure systems.
  • Strong cloud experience, with Google Cloud Platform (GCP) highly desirable.
  • Comfortable taking ownership of a production codebase and making pragmatic technical decisions.
  • Startup-minded, self-motivated and able to work independently alongside the founder.

  

Bonus Experience

  • Cybersecurity experience.

  • Fintech or payments experience.

  • Database internals, performance optimisation or secure data access expertise.

   

Tech Stack

Two web apps that work together: a Python/Flask marketing & database-protection site, and a React + TypeScript AI Gateway portal, both backed by PostgreSQL. The ideal hire moves comfortably between Python and TypeScript — someone strong in only one half will struggle.

  

The Three Services

 

Landing & DB Protection

  • Python / Flask

  • Landing pages, pricing, registration, billing checkout, database-protection login & dashboard.

  • Jinja2 templates, session auth, bcrypt / TOTP.

  

AI Gateway Portal

  • Node.js / Express + React

  • Manage AI agents, security policies, queries, anomalies, and database connections.

  

DB Protection Portal

  • Node.js / Express + React

  • WORM backup management, restore approvals, ransomware protection, audit logs.

  

Must-Have Skills

Backend — Python / Flask

  • Flask web framework

  • Jinja2 server-side templates

  • Session auth, bcrypt, TOTP / 2FA

  • REST API design

  • Gunicorn (production WSGI server)

  

Backend — Node.js / TypeScript

  • Express web server

  • TypeScript throughout

  • Drizzle ORM for database access

  • Session handling & auth

  • REST API design

  

Frontend — React

  • React 18 + TypeScript

  • Vite build tool

  • Tailwind CSS + shadcn/ui

  • wouter client-side routing

  

Database — PostgreSQL

  • PostgreSQL (AWS RDS in production)

  • Schema design & migrations

  • Drizzle ORM

  • Indexing & query performance

  

Good to Have

AWS Infrastructure

  • ECS Fargate

  • ECR

  • ALB

  • Route53

  • ACM

  • CodeBuild

  • Secrets Manager

  • CloudWatch

  • CloudTrail

  • GuardDuty


Payments & Integrations

  • Paddle (merchant of record)

  • OAuth flows (Gmail, Slack, GitHub, Salesforce)

  • Resend (email)


DevOps

  • Docker & Dockerfiles

  • Terraform (20 infrastructure modules)

  • CodeBuild CI/CD pipelines


Security Mindset

  • Rate limiting

  • Injection prevention

  • Audit logging

  • Reverse proxying between services


Nice to Have

AWS Infrastructure (Production)

  • ECS Fargate

  • ECR

  • ALB

  • Route53

  • ACM

  • RDS (PostgreSQL)

  • CodeBuild

  • AWS Backup

  • Secrets Manager

  • GuardDuty

  • CloudWatch

  • CloudTrail