Staff Software Engineer

Obsidian Security is a company dedicated to securing SaaS applications for modern businesses. The Staff Software Engineer will work across the full stack on the Threat product team, developing features that detect and respond to security threats in real-time, while collaborating with security researchers to enhance detection capabilities.

Responsibilities:

• Own features from “we need to detect X” through production, across extension, backend, and pipeline code
• Write content scripts that interact with web pages and background scripts that coordinate everything
• Build backend services: event ingestion, enrichment, alerting
• Work with security researchers to turn threat intel into working detections
• Help the team get better through code review and design discussions

Requirements:

• 8+ years building software, ideally touching a few different areas (not just one stack forever)
• You actually understand how browsers work. DOM APIs, the event loop, how SPAs route, why CORS exists. Not just 'I used React.'
• You've built browser extensions before. You know the content script/background script split, message passing, manifest v3 limitations
• Strong TypeScript. Comfortable in Python. Willing to write Rust (or already do)
• You've dealt with data at scale: event streaming, pipelines, high-throughput ingestion
• Backend basics: APIs, Postgres, Elasticsearch, Kafka or similar
• Can work without someone telling you what to do next
• You've thought about AI security - prompt injection, data exfiltration, that kind of thing
• Background in detection engineering, SIEM, or security ops
• You've built or contributed to security tools