Remote

Founding Rust Product Engineers

Arcjet logo

Arcjet

Remote - United States 🇺🇸
Apply Now

Arcjet is a newly founded tier-1 VC backed startup hiring several founding engineers to help build the future of developer security in the age of the developer.

About Arcjet

Developers care about security, but it’s yet another thing they need to pay attention to. Installed as an SDK, Arcjet helps developers protect their apps against a range of security risks so they can get on with everything else.

We’ve spent years playing around with devtools all day (our CEO writes the console.dev devtools newsletter), so we understand what it takes to build a world class developer experience. This is key to how Arcjet is different from all the other security companies, and means you’ll be at leading edge of building the next generation of security tools.

How we work

We are set up as a remote-first, distributed company (US and Western EU timezones). However, in-person makes a big difference. We organize meetups 3-4 times a year for the whole team to travel to interesting locations, kick off new projects, join forces on hacking challenges, build the product, and get to know each other in real life.

Although we use Slack, it’s primarily for quick discussions, socializing and sharing interesting things. We prefer thoughtful long-form posts as GitHub Discussions rather than long debates in chat. Slack messages are automatically deleted after 7 days.

Knowing when you’re done is hard. We always aim to deliver the highest quality work, but we try to avoid perfectionism undermining our ultimate goals. We default to shipping rather than waiting, so long as we don’t sacrifice reliability. Use appropriate due diligence: toggling feature flags, gradually rolling things out, and paying attention to error rates, but the best way to learn is to ship code to prod.

We acknowledge that in life there are many different perspectives and that healthy debate is important for society. However, whilst we may all agree about the existence of a problem, we expect people to have different opinions about how to solve it. Following the example of Coinbase, we refrain from advocating for causes unrelated to our mission because we believe it harms inclusion. We are building a security product for developers. Anything outside of that mission should be avoided at work or on company systems like chat or email.

What you'll do

  • Arcjet is just getting started so you’ll be joining to help build out the initial product functionality. This will include designing and implementing the foundations on which Arcjet will grow into a security platform to help developers protect all of their applications.
  • Writing detailed technical documentation about how to use the SDKs, the APIs, and the security functionality. Features aren’t “done” until they’re fully tested & documented.
  • Bootstrapping the initial development processes, tooling, and infrastructure. This will include ensuring extensive test coverage, automated security analysis, CI/CD, infrastructure management and observability.
  • You’ll operate the code you write i.e. you’re responsible for it once it goes into production. This will involve participating in the on-call rotation.
  • Working with early testers and iterating rapidly on their feedback.
  • Providing technical support to those early users.
  • Collaborating with the rest of the team on all of the above → offering advice on areas of expertise, participating in design discussions, and conducting code reviews.

Requirements

  • Either one of: a) ≥5 years software development experience building production systems with Rust; or b) Less than 5 years of “time” experience, but you can demonstrate you have built and deployed systems in Rust at some degree of scale. In this case, please include a brief description when you apply.
  • You’ll need to be comfortable with ambiguity & low-structure as we build up the company. You’ll be fully supported by the rest of the team, but this generally means you’ll also need to be self-directed → defining, building, and then owning large parts of the codebase.
  • Pragmatic approach to building software → you’ll know that at the early stages of product-building, lots of the code will be replaced within 12-18 months.
  • You must understand how to balance “good enough” with ensuring security and quality.
  • Strong English language abilities.
  • In a US or Western EU timezone.

Bonus

These are not required, but it’ll be a nice bonus if you have experience with any of the following:

  • Experience with WASM, Go, TypeScript and/or React + Next.js.
  • Experience building products for developers, with a particular understanding of what makes for a good developer experience and why this is the age of the developer.
  • Experience building security products such as rate limiting, bot protection, web application firewalls, account takeover protection.
  • An interest in software security, perhaps through completing challenges like on HackTheBox, competing in CTFs, or participating in bug bounty programs.
  • Experience in a startup growing from 2 to 20 people.

Benefits

  • Competitive VC-backed startup salary + equity.
  • Home office allowance (desk, chair, etc) + we’ll buy you a new computer (if you want one)!
  • Flexible paid annual holiday allowance (unlimited holiday doesn’t work).
  • Medical, dental, & vision insurance (US).
  • Spend half a day a week allocated to leveling up your security skills. To enable this, we’ll pay for a silver account on HackTheBox Academy to get access to their security courses. Complete the HTB Certified Bug Bounty Hunter path (exam optional, or if you don’t need the Academy account), and we’ll also pay for a HackTheBox Labs VIP account. You can also use this time for other security-related activities e.g. participating in bug bounty programs.

Apply

Email our CEO david@arcjet.com with a link to an online profile (GitHub, GitLab, SourceHut, LinkedIn, personal website, etc). Include a resume if you like, but it’s not required so long as we can find your work history (which can also be in the email message). Don’t worry about a cover letter - just say hello!

The process

  • A 30min call with our CEO, David, about us and the role + you and your background.
  • A take-home coding exercise scoped to take no more than 4 hours. Ideally returned within 1-2 weeks.
  • A ~1h followup call discussing how you approached the task and some technical questions about how you might deploy it and other considerations e.g. observability, security, etc.
  • Team call - a two-way interview for you to ask our existing team questions and for them to get to know you.
  • Decision!
Apply Now