About The Role

We are seeking an experienced and passionate Backend Engineer / Architect to join our EDR / XDR Platform Engineering team. The ideal candidate has strong expertise in Java and Spring Boot, distributed systems, and event-driven architecture, with the ability to design and operate high-throughput services that ingest, process, and act on endpoint telemetry at scale.

You will help build and evolve the cloud backend that powers our EDR / XDR platform — the services that ingest millions of agent events, run real-time threat detection, manage agent lifecycle and command-and-control, and orchestrate automated response across enterprise endpoints. This is a multi-tenant, cloud-native SaaS platform built on modern, event-driven microservices. As an AI-first company, we expect you to actively leverage AI to sharpen detection, correlation, and engineering productivity.

You will work closely with agent (endpoint) engineers, security researchers, and product teams to translate detection use cases into reliable, scalable, and secure backend capabilities — from streaming telemetry pipelines and the detection layer to incident management and response orchestration.

What You’ll Do At Cyble

• Design, develop, and enhance backend services and APIs for our EDR / XDR platform.
• Build and maintain high-throughput data pipelines that ingest and process large volumes of endpoint telemetry in real time.
• Contribute to the detection and analytics layer that turns telemetry into actionable security insights and incidents.
• Develop services that power incident management, alerting, and automated response workflows.
• Build platform services that support endpoint agent connectivity, lifecycle, and secure communication.
• Design and optimize data models, storage, and caching for performance, scale, and reliability.
• Define clean, well-structured service interfaces and integrations across the platform.
• Implement multi-tenancy, authentication, authorization, and data isolation with a strong security-first mindset.
• Ensure the scalability, reliability, and observability of backend services under heavy production load.
• Write automated tests, participate in code reviews, and contribute to CI/CD and deployment practices.
• Collaborate closely with cross-functional teams — Agent Engineers, Security Analysts, Product, QA, and Threat Intelligence — to deliver robust capabilities.
• Debug and resolve complex production issues across distributed services.
  
  

What You’ll Need

• A minimum 10 years of relevant experience
• Strong proficiency in Java and the Spring / Spring Boot ecosystem, including concurrency, multithreading, and synchronization.
• Solid experience designing and building microservices and distributed systems.
• Hands-on experience with event streaming / messaging — Apache Kafka (preferred), or similar (Pulsar, RabbitMQ) — including consumer scaling and delivery semantics.
• Strong data layer skills — NoSQL (MongoDB) and relational databases (PostgreSQL/MySQL), schema/data modeling, and query optimization.
• Experience with caching and in-memory stores (Redis), and an understanding of cache consistency trade-offs.
• Proficiency designing REST APIs; working knowledge of Protobuf and gRPC.
• Solid grasp of application security: authentication, authorization, JWT, API keys, TLS/mTLS, and secure handling of secrets.
• Experience with containerization and orchestration (Docker, Kubernetes) and a major cloud provider (AWS preferred).
• Strong debugging, profiling, and performance-tuning skills for high-throughput services.
• Working ability to apply AI in backend engineering — comfortable using AI/ML and LLM-based tools and APIs to build and improve logic such as correlation, detection, anomaly identification, enrichment, and automation.
• Understanding of endpoint security concepts and EDR/XDR product behavior.
  
  

Bonus Points If You Have

• Experience building security products — EDR / XDR / SIEM / SOAR / AV / threat intelligence platforms.
• Detection engineering experience: Sigma rules, correlation, behavioral analytics, or streaming detection.
• Familiarity with the MITRE ATT&CK framework and threat-intelligence enrichment.
• Experience with search/analytics stores (Elasticsearch / OpenSearch) for security telemetry.
• Experience with stream processing frameworks (Kafka Streams, Flink) and large-scale data pipelines.
• Familiarity with observability tooling (Prometheus, Grafana, OpenTelemetry) and SRE practices.
• Strong AI / ML expertise — designing and building correlation, detection, or anomaly-detection models, and applying NLP / LLMs, embeddings / RAG, and ML pipelines to security data at scale.
• Exposure to LLM / AI-assisted security workflows (alert triage, summarization, RAG) and integrating AI into production services.
• Familiarity with agent (endpoint) architecture on Windows, Linux, or macOS.
  
  

What We Offer

• Impactful Work: Shape the core backend of a next-gen AI-based EDR / XDR platform protecting enterprises worldwide.
• Collaborative Culture: A dynamic and collaborative work environment.
• Growth & Learning: Access to training budgets, conference support, and mentorship.
• Apply now to join Cyble's EDR engineering team and help deliver game-changing security capabilities.
  
  

If you like working in an inclusive environment, you want to advance your career quickly, and your opinion is valued, look no further than Cyble, Inc. We are young, hungry, and ready to impact the cyber security landscape!

Cyble, Inc. takes into consideration an individual’s skillset, experience and location in making final salary determination.

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, protected Veteran status age, or genetics, or any other characteristic protected by law.