Founding RASP Engineer – Node.js

🔥 1 hour ago

Apply Now

Find Similar Remote Jobs

Receive Emails For Remote Jobs

📊 Check your resume score for this job

Improve your chances of getting an interview by checking your resume score before you apply.

Upload Resume

CloudLinux

WebsiteLinkedInAll Job Openings

51 - 200 employees

Founded 2009

☁️ SaaS

🔐 Security

🌐 Web 3

SaaS • Security • Web 3

CloudLinux is a leading provider of operating systems designed specifically for web hosting environments. The company offers a line of products including CloudLinux OS Legacy, CloudLinux OS Shared Pro, and CloudLinux OS Solo, each tailored to improve server stability, security, and performance. With features such as kernel live patching, advanced automation and monitoring tools, and specialized WordPress optimization, CloudLinux helps hosting companies maximize security and profitability while ensuring stable server environments. Over 4,000 companies trust CloudLinux to power millions of websites worldwide, benefitting from increased stability and reduced churn rates. The company emphasizes compatibility with major hosting control panels and CentOS, offering solutions for shared hosts, agencies, and small businesses.

📋 Description

• You'll build that runtime protection layer end-to-end. • The product. A brand-new product line, yours to define — what we intercept, what we don't, what the customer-visible surface looks like. • The technical approach. Instrumentation strategy, deployment shape, programming language — all open. You'll consult with our architects but the direction is yours. • Implementation, end to end. You'll have the full tooling stack we provide — LLM subscriptions, modern dev infrastructure, the works. Use what makes you fast. • Methodology. How you build conviction in your detection logic — your call. • Cross-layer signal. Our existing stack produces threat intelligence at unmatched scale: tens of millions of monitored sites, petabyte-scale malware sample storage, real-time domain and URL reputation, IP-level attack feeds. These are available for you to plug into. Use what helps. • The product is held to four numbers: runtime overhead, false positives, false negatives, and customer-escalation volume. They reflect what hosting providers and their customers care about. Hit them well and the product runs inside a meaningful slice of the modern Node.js web.

🎯 Requirements

• Familiarity with the Node.js runtime and the JavaScript ecosystem. • Strong web application security fundamentals and current knowledge of practical exploitation. • A working sense of how detection rules behave at scale — what catches attackers without flagging the long tail of legitimate code. • Ability to start as the PM, architect, lead engineer, and QA for this product. You ask for resources or help when you need them; you don't wait to be told what to do. • Comfort directing AI coding agents to high-quality output — most of our engineering does this now. • Prior work on runtime-protection products, application firewalls, or instrumentation tooling. • Background in malware analysis or incident response. • Familiarity with managed-hosting environments. • Public security research, vulnerability disclosures, or detection rulesets you've authored.

🏖️ Benefits

• A focus on professional development. • Interesting and challenging projects. • Fully remote work with flexible working hours, that allows you to schedule your day and work from any location worldwide. • Paid 24 days of vacation per year, 10 days of national holidays, and unlimited sick leaves. • Compensation for private medical insurance. • Co-working and gym/sports reimbursement. • Budget for education. • The opportunity to receive a reward for the most innovative idea that the company can patent.