Traceable was founded in 2018 by serial entrepreneurs, Jyoti Bansal and Sanjay Nagaraj, to become the industry leader in API security. Since the API is now the lynchpin of these modern application architectures, they founded Traceable to protect every API and to help ensure the security of the services and data that power modern applications.
Today, Traceable has grown to be the industry's leading API security platform that identifies and tests APIs, evaluates API risk posture, stops API attacks, and provides deep analytics for threat hunting and forensic research. We aim to be the industry's chosen solution and trusted advisor to security and risk management leaders, data security leaders, as well as software engineers looking to secure their APIs, and build better software faster. Based in San Francisco CA, Traceable is funded by Unusual Ventures, IVP, & Tiger Global Management.
About Traceable
Join the future of API security with a company founded by serial innovators reshaping the software industry. Visionaries Jyoti Bansal and Sanjay Nagaraj, creators of AppDynamics (acquired by Cisco for $3.7B), established Traceable with a bold ambition: to become the global leader in API security.
We're experiencing explosive growth, tripling revenue and scaling rapidly to empower enterprises facing evolving API threats. This success is fueled by a winning strategy: unwavering customer obsession, relentless product innovation, and strategic partnerships all backed by the entrepreneurial expertise behind past industry-defining success. Our cutting-edge solution makes API security manageable for businesses across the globe, ensuring APIs drive growth, not risk.
Join this winning team and make your mark!
About the Role
You should be extremely passionate about building the next generation cloud native security product and researching modern cloud native security vulnerabilities and attacks. You should be a blend of a solid computer science engineer and a deeply passionate security researcher.
Role Responsibilities:
- Working closely with product and engineering in researching about modern cloud native attacks and solving detection and protection use-cases in product
- Working closely with customers to understand their application environment, security use-cases and help mapping them to product features and work closely with sales engineering in POCs and Deployments
- Conducting Security Assessment/Penetration Test
- Research on next generation of detection and protection methodologies
- Designing and developing any internal tools for security research
- Troubleshooting and debugging customer facing issues around detection and protection of attacks
- Evangelise product capabilities in security researchers and pen testing communities by publishing relevant blogs/podcast etc
- Studying cyber security attacks happening globally, doing root cause analysis for some of relevant attacks and understanding relevance of Traceable product in preventing the attack
Qualifications:
- Bachelor's or Master's degree in computer science
- 4-8 years of work experience
- Experience in modern tech stack - microservices, docker, kubernetes, cloud platform (AWS/GCS etc) is a must
- Prior development experience and fair understanding of programming languages and frameworks is a must
- Proficiency in web app security, vulnerability research, and penetration testing
- Strong foundation in computer science fundamentals, network security, authentication protocols
- Strong experience of various pentesting tools like Burpsuite, ZAP etc.
- Strong applied knowledge of attacks in Web/API eco-system - Web attacks, API attacks, API abuse, API Fraud, ATO etc
- Strong understanding of Application Security Solutions (WAF, RASP etc.)
- Working knowledge of IAST, DAST, SAST
We value diversity and treatment of employees and applicants is based on merit, talent and qualification. We encourage people from underrepresented groups to apply. We believe the key to success is bringing together unique perspectives and we do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.
Direct applicants only. Recruiting agencies: Please do not email or call our team. We are not accepting agency candidates.
We believe the key to success is bringing together unique perspectives and we do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.
For qualified US: applicants with criminal histories, consideration will be consistent with the requirements of the San Francisco Fair Chance Ordinance. All your information will be kept confidential according to EEO guidelines.