black.ai
About Cyble
Cyble is transforming cybersecurity intelligence. Founded in 2019, Cyble began as a college project and has grown into a leading force in proactive cyber threat detection and mitigation, with presence in 20 countries. Headquartered in Alpharetta, Georgia, and with offices in Australia, Malaysia, Singapore, Dubai, Saudi Arabia and India. Our mission is to provide visibility, intelligence and cybersecurity protection using cutting-edge technology, giving enterprises a powerful advantage. We democratize real-time intelligence about cyber threats and vulnerabilities to help organizations take proactive measures and maintain robust cybersecurity. Cyble values inclusivity, autonomy and flexibility, recognizes contributions, and encourages employees to be part of something extraordinary. To learn more, visit www.cyble.com. Job Role Overview
We’re building a modern, cloud-native AI-first platform that continuously evaluates entity cyber risk, streamlines due diligence, quantifies exposure, and drives remediation at scale. We are looking for an architect who can take this product from concept to scalable reality—owning the end-to-end architecture, guiding implementation, and mentoring a high-performing engineering team. What You’ll DO
Own the product architecture for a multi-tenant, enterprise-grade SaaS: domain modeling, service decomposition, data design, and integration strategy. Define the technical roadmap and reference architectures across ingestion, scoring, assessments, evidence management, workflows, analytics, and ecosystem integrations. Lead hands-on development of core services (you will code), establishing patterns for resilience, cost efficiency, security, and operability (SLOs, SLIs, SLAs). Design a continuous monitoring engine that ingests external signals (attack surface exposure/hygiene checks, vulnerability and breach intel) and internal evidence to generate risk scores and alerts. Own data architecture: OLTP for workflows, streaming pipelines for signals, analytical stores for reporting, and governance for lineage, retention, and residency. Develop the assessment & workflow engine: questionnaire authoring/versioning, branching logic, scoring, evidence collection, exceptions, remediation SLAs, and approvals. Design risk modelling: a defensible vendor risk scoring model (configurable weights/decay), control effectiveness mapping, and portfolio-level analytics. Define an integration strategy: build a connector framework/SDK for ticketing, GRC, SIEM/SOAR, ITSM, procurement/vendor portals, identity providers, and major cloud platforms. Mentor and elevate engineers: establish coding standards, review designs/PRs, and foster a pragmatic engineering culture focused on outcomes. Partner with Product & UX to translate customer needs into resilient technical designs; validate through prototypes and iterative delivery. What You’ll Need
8-10 years of professional software engineering with 3 years as an architect/principal/lead for multi-tenant enterprise SaaS. Shipped platforms from zero-to-one through scale-up (thousands of tenants, multi-region). Meaningful experience in security, risk, or compliance products (assessments, workflows, analytics, evidence/audit features). Proven track record designing event-driven architectures (microservices or modular monoliths with clear bounded contexts). Delivered systems with 99.9%+ availability, sensible RTO/RPO, and the right mix of strong vs. eventual consistency. Led cross-functional initiatives with Product, Security, SRE, and Data teams, while remaining hands-on for critical services. Knowledge, Skills And Experience
Back-end & Services
Primary language: Go; Python/Node.js familiarity for data tasks/tooling. APIs: REST/GraphQL/gRPC; async messaging (Kafka/Pulsar/SQS); idempotency and retry/backoff patterns. Patterns: DDD, CQRS/Event Sourcing (where justified), sagas/orchestration, circuit breakers, bulkheads. Data & Analytics
Relational (PostgreSQL/MySQL) for core domains; NoSQL (e.g., DynamoDB/Firestore) where appropriate; Redis for caching. Streaming & ETL (Kafka Connect/Flink/Spark or equivalents). Search (OpenSearch/Elasticsearch), time-series (Prometheus/ClickHouse/Timescale), and columnar warehouses (BigQuery/Redshift/Snowflake). Modeling for questionnaires/evidence, findings/controls, and relationships (graph DB familiarity is a plus). Domain Expertise
(Vendor/Supplier Risk Monitoring, Attack Surface Management & GRC Compliance) will be a big advantage Building assessment engines (templating, branching logic, scoring), evidence collection & validation, and remediation workflows. Continuous monitoring of external signals: exposure discovery, configuration posture, breach/leak indicators, attack-surface hygiene. Risk models: weighted scoring, decay functions, confidence intervals; mapping to control frameworks (e.g., ISO 27001, NIST CSF/800-53, SOC 2, PCI DSS, HIPAA). Reporting & analytics for executives and regulators: portfolio heatmaps, trends, quantified summaries. LLM / Agentic AI
Experience with agentic/automation patterns for triage/remediation; LLM-assisted evidence summarization with guardrails and red-teaming for cybersecurity-related use cases.
#J-18808-Ljbffr
Cyble is transforming cybersecurity intelligence. Founded in 2019, Cyble began as a college project and has grown into a leading force in proactive cyber threat detection and mitigation, with presence in 20 countries. Headquartered in Alpharetta, Georgia, and with offices in Australia, Malaysia, Singapore, Dubai, Saudi Arabia and India. Our mission is to provide visibility, intelligence and cybersecurity protection using cutting-edge technology, giving enterprises a powerful advantage. We democratize real-time intelligence about cyber threats and vulnerabilities to help organizations take proactive measures and maintain robust cybersecurity. Cyble values inclusivity, autonomy and flexibility, recognizes contributions, and encourages employees to be part of something extraordinary. To learn more, visit www.cyble.com. Job Role Overview
We’re building a modern, cloud-native AI-first platform that continuously evaluates entity cyber risk, streamlines due diligence, quantifies exposure, and drives remediation at scale. We are looking for an architect who can take this product from concept to scalable reality—owning the end-to-end architecture, guiding implementation, and mentoring a high-performing engineering team. What You’ll DO
Own the product architecture for a multi-tenant, enterprise-grade SaaS: domain modeling, service decomposition, data design, and integration strategy. Define the technical roadmap and reference architectures across ingestion, scoring, assessments, evidence management, workflows, analytics, and ecosystem integrations. Lead hands-on development of core services (you will code), establishing patterns for resilience, cost efficiency, security, and operability (SLOs, SLIs, SLAs). Design a continuous monitoring engine that ingests external signals (attack surface exposure/hygiene checks, vulnerability and breach intel) and internal evidence to generate risk scores and alerts. Own data architecture: OLTP for workflows, streaming pipelines for signals, analytical stores for reporting, and governance for lineage, retention, and residency. Develop the assessment & workflow engine: questionnaire authoring/versioning, branching logic, scoring, evidence collection, exceptions, remediation SLAs, and approvals. Design risk modelling: a defensible vendor risk scoring model (configurable weights/decay), control effectiveness mapping, and portfolio-level analytics. Define an integration strategy: build a connector framework/SDK for ticketing, GRC, SIEM/SOAR, ITSM, procurement/vendor portals, identity providers, and major cloud platforms. Mentor and elevate engineers: establish coding standards, review designs/PRs, and foster a pragmatic engineering culture focused on outcomes. Partner with Product & UX to translate customer needs into resilient technical designs; validate through prototypes and iterative delivery. What You’ll Need
8-10 years of professional software engineering with 3 years as an architect/principal/lead for multi-tenant enterprise SaaS. Shipped platforms from zero-to-one through scale-up (thousands of tenants, multi-region). Meaningful experience in security, risk, or compliance products (assessments, workflows, analytics, evidence/audit features). Proven track record designing event-driven architectures (microservices or modular monoliths with clear bounded contexts). Delivered systems with 99.9%+ availability, sensible RTO/RPO, and the right mix of strong vs. eventual consistency. Led cross-functional initiatives with Product, Security, SRE, and Data teams, while remaining hands-on for critical services. Knowledge, Skills And Experience
Back-end & Services
Primary language: Go; Python/Node.js familiarity for data tasks/tooling. APIs: REST/GraphQL/gRPC; async messaging (Kafka/Pulsar/SQS); idempotency and retry/backoff patterns. Patterns: DDD, CQRS/Event Sourcing (where justified), sagas/orchestration, circuit breakers, bulkheads. Data & Analytics
Relational (PostgreSQL/MySQL) for core domains; NoSQL (e.g., DynamoDB/Firestore) where appropriate; Redis for caching. Streaming & ETL (Kafka Connect/Flink/Spark or equivalents). Search (OpenSearch/Elasticsearch), time-series (Prometheus/ClickHouse/Timescale), and columnar warehouses (BigQuery/Redshift/Snowflake). Modeling for questionnaires/evidence, findings/controls, and relationships (graph DB familiarity is a plus). Domain Expertise
(Vendor/Supplier Risk Monitoring, Attack Surface Management & GRC Compliance) will be a big advantage Building assessment engines (templating, branching logic, scoring), evidence collection & validation, and remediation workflows. Continuous monitoring of external signals: exposure discovery, configuration posture, breach/leak indicators, attack-surface hygiene. Risk models: weighted scoring, decay functions, confidence intervals; mapping to control frameworks (e.g., ISO 27001, NIST CSF/800-53, SOC 2, PCI DSS, HIPAA). Reporting & analytics for executives and regulators: portfolio heatmaps, trends, quantified summaries. LLM / Agentic AI
Experience with agentic/automation patterns for triage/remediation; LLM-assisted evidence summarization with guardrails and red-teaming for cybersecurity-related use cases.
#J-18808-Ljbffr