At Cerby we believe security is everyone’s business. Collaborating across your apps doesn’t need to be chaos. We are a mission-critical cybersecurity company that empowers your teams to operate securely and control their apps completely. We’ve built our product on the idea that teams deserve autonomy over their work apps. It turns out that why they are guaranteed a choice, security comes naturally.
More than 50% of all technology is spent outside of centralized IT organizations. Individual business units are taking their technology destiny into their own hands, and we enable that. End user onboarded applications are behind more than one third of all cybersecurity hacks. We provide the solution to manage that through enabling users to select their own technology and we automatically protect those applications.
KEY RESPONSIBILITIES:
- Design and Develop: Build scalable, high-performance software solutions that align with business goals and user needs, leveraging AI-assisted tools and techniques as part of your engineering practice.
- Collaborate: Work closely with product managers, engineering managers, UX designers, and other engineers to deliver high-quality features and functionality.
- Code Excellence: Write clean, maintainable, and efficient code, adhering to best practices and coding standards. Help define and promote best practices across the engineering org, including how AI tools can be responsibly and effectively integrated into development workflows.
- Continuous Improvement: Participate in code reviews, share knowledge with team members, and continuously improve development processes.
- Innovation and Curiosity: Champion new technologies, frameworks, and methodologies that drive innovation and product evolution, while continuously exploring ways to leverage AI in your day-to-day work to boost personal efficiency and empower those around you to do the same.
- Security Mindset: Actively contribute to our security-first approach by proactively identifying vulnerabilities and implementing robust solutions, including applying a critical eye toward how AI tools are used in secure development contexts.
- Remote Collaboration: Collaborate effectively in a remote-first environment, ensuring seamless communication and teamwork across time zones.
- Culture: Demonstrates leadership and lives Cerby’s core values to achieve positive outcomes. Help cultivate an environment where experimenting with AI is encouraged, learnings are shared openly, and the team grows together.
- Problem-Solving: Strong analytical and problem-solving skills with a focus on delivering high-quality solutions.
- Communication Skills: Ability to communicate complex technical concepts clearly and concisely both in written and verbal form
- Team Collaboration: Collaborate and thrive in agile teams, actively mentoring engineers, sharing knowledge across the org, and leveraging AI to accelerate documentation (runbooks, ADRs, onboarding guides, post-mortems) to free more time for the deep technical conversations that actually transfer expertise.
QUALIFICATIONS & REQUIRED SKILLS:
- Experience:
- 5+ years of professional software engineering experience, with a focus on building and scaling SaaS applications.
- 3+ years of hands-on experience with authentication and authorization systems
- Prior experience developing and maintaining Distributed Applications
- Previous experience mentoring junior developers and conducting security-first code reviews
- Technical Expertise:
- Experience with designing, developing, and maintaining scalable SaaS applications in a high performance startup environment (prior experience in high growth venture funded SaaS startups preferred)
- Deep understanding of authentication and authorization protocols: OIDC (OpenID Connect), SAML, and SCIM
- Strong knowledge of identity and access management (IAM) concepts including RBAC and ABAC
- REST API design and development experience, especially from a security aspect
- Solid understanding of web security vulnerabilities and mitigation strategies (CORS, XSS, CSRF, etc.)
- Knowledge of token-based authentication systems including JWT implementation and security considerations
- Experience with session management and secure authentication flows
- Prior experience in cyber security is a plus.
- Proficiency in:
- Backend programming languages: Python, Go, or equivalent.
- Cloud platforms and prior experience building scalable cloud-based systems.
- Queuing, Messaging and Streaming platforms such as SQS.
- Distributed data stores (S3), plus relational databases (MySQL, PostgreSQL), and key/value databases (Redis, DynamoDB, or similar).
- Software engineering practices such as Agile and Scrum, CI/CD, Collective Code Ownership.
- Architecting and designing distributed, fault-tolerant, high-availability, and resilient systems.
- Proven ability to instrument distributed systems with well-designed telemetry and observability code, including metrics, traces, and log management (prior experience with OpenTelemetry and Datadog a plus).
- Ability to own and drive the software development from design through development, testing, delivery and production release. Writes maintainable code, high quality, scalable, and secure code.
- Nice to have:
- Experience working with security compliance frameworks (SOC 2, GDPR, HIPPA, etc.)
- Proven track record of integrating with Identity Providers (IdPs) such as Okta, EntraID, or similar platforms
- Experience implementing Single Sign-On (SSO) and federated identity management solutions
- Prior experience in a venture funded high-growth SaaS startup preferred.
- Familiarity with encryption processes and key management is a plus.
DESIRED QUALITIES:
- Resourceful Achiever: Self-motivated, proactive, and adaptable in solving complex technical challenges.
- Product Minded: Strong ability to understand customer value, to translate customer needs into software products that deliver tangible customer value.
- Precision Executor: Focused on optimizing performance, scalability, and reliability in software delivery.
- Team Player: Strong interpersonal skills, fostering a culture of collaboration and shared success. Actively mentor other engineers.
- Lifelong Learner: A continuous curiosity to learn and explore emerging technologies and industry trends.
- Innovative Thinker: Open to creative solutions, and comfortable navigating ambiguity.
Skills Required
- 5+ years professional software engineering experience building and scaling SaaS applications
- 3+ years hands-on experience with authentication and authorization systems
- Experience developing and maintaining distributed applications
- Prior experience mentoring junior developers and conducting security-first code reviews
- Deep understanding of OIDC (OpenID Connect), SAML, and SCIM
- Strong knowledge of IAM concepts including RBAC and ABAC
- REST API design and development experience with security focus
- Solid understanding of web security vulnerabilities and mitigations (CORS, XSS, CSRF)
- Knowledge of token-based authentication systems, including JWT implementation and security considerations
- Experience with session management and secure authentication flows
- Proficiency in backend programming languages: Python, Go, or equivalent
- Experience building scalable cloud-based systems
- Experience with queuing, messaging, and streaming platforms such as SQS
- Experience with distributed data stores (S3), relational DBs (MySQL, PostgreSQL), and key/value DBs (Redis, DynamoDB)
- Familiarity with software engineering practices: Agile/Scrum, CI/CD, collective code ownership
- Ability to architect and design distributed, fault-tolerant, highly available systems
- Proven ability to instrument distributed systems with telemetry and observability (OpenTelemetry, Datadog a plus)
- Prior experience in cybersecurity
- Experience with security compliance frameworks (SOC 2, GDPR, HIPAA)
- Experience integrating with Identity Providers (Okta, EntraID) and implementing SSO/federated identity
- Familiarity with encryption processes and key management
- Prior experience in a venture-funded high-growth SaaS startup
What We Do
Cerby is the only identity security platform built for disconnected apps, providing IT and Security teams with full control over apps that lack APIs or support for protocols like SAML or SCIM. Seamlessly integrating with your central identity provider, Cerby extends critical security automations—such as SSO, MFA, and lifecycle management—to any app without incurring the costly “SSO tax.” With Cerby, teams can automate essential tasks like user deprovisioning and password rotations, reducing manual work while closing security gaps. With Cerby, your team can: ✔ Centralize and automate access controls for disconnected apps ✔Securely share access to corporate social media accounts ✔ Streamline lifecycle management for apps without APIs or SCIM ✔ Automate deprovisioning and password rotations for shared privileged accounts ✔ Instantly detect app sprawl and make IT-approved suggestions to control costs and proliferation Get a demo to see us in action: www.cerby.com/demo
.png)






