Staff Software Engineer, Attack

Get to Know Us

Horizon3.ai is a fast-growing, remote cybersecurity company dedicated to the mission of enabling organizations to proactively find and fix and verify exploitable attack vectors before criminals exploit them. Our flagship product, the NodeZeroTM platform, delivers production-safe autonomous pentests and other key assessment operations that scale across the largest internal, external, cloud, and hybrid cloud environments. NodeZero has been adopted by organizations of all sizes, from small educational institutions to government agencies and Global 100 enterprises. It is used by ITOps/SecOps teams, consulting pentesters, and MSSPs and MSPs. 

We are a fusion of former U.S. Special Operations cyber operators, startup engineers, and formerly frustrated cybersecurity practitioners. We're committed to helping solve our common security problems: ineffective security tools, false positives resulting in alert fatigue, blind spots, "checkbox” security culture, cybersecurity skills shortage, and the long lead time and expense of hiring outside consultants. Collectively, we are a team of learn it alls, committed to a culture of respect, collaboration, ownership, and results.

Summary

We are hiring a Staff Software Engineer to own the technical vision for EDR telemetry and detection work inside NodeZero and ultimately, the future of EDR effectiveness and tuning as a product capability. Modern endpoints are instrumented by CrowdStrike, SentinelOne, Microsoft Defender, Carbon Black, and others. Our customers need to know, with evidence, which of our attack techniques their EDR caught, which ones slipped through, and why. Answering that at scale — across platforms, tenants, and operator objectives — requires someone who deeply understands the telemetry surface and can turn that understanding into a product. Over time, this role will own the technical work for incorporating AI and ML research into how we reason about detection gaps, generate tuning recommendations, and scale effectiveness insights.

This is not a pure architect role. You will write production code every week, review PRs from the people you lead, and partner closely with Product to sequence the right problems in the right order. You will be the person who both draws the system diagram on the whiteboard and commits the first slice of it to main

Essential Functions

Leadership & Team Development

• Owns the end-to-end technical vision for the workstream and rallies the team around it — from blank doc through shipping, iterating, and deprecating.

• Production code contributions at Lead/Staff level in a modern backend language (Go, Rust, Python, or similar) in a service-oriented environment.

• Sets and raises the technical bar (design reviews, code quality, operational discipline) by example rather than by mandate.

• Mentors and enhances the engineers around them; Build the frameworks and architecture for others to do the best work of their careers.

• Partners with the hiring team to attract, interview, and level engineers into the workstream as it scales.

• Holds the team accountable to outcomes rather than activity; surfaces risks and tradeoffs early and in writing.

Product-Minded Technical Leadership

• Translates ambiguous product goals into concrete technical roadmaps.

• Makes build vs. buy vs. integrate calls with business context, not just engineering preference.

• Partners closely with PM — comfortable in PRD reviews, not just sprint planning.

• Sequences an MVP without painting the team into a corner.

EDR Domain Expertise

• Deep familiarity with at least one major EDR platform (CrowdStrike, SentinelOne, Microsoft Defender) at the telemetry and API level.

• Understands detection logic, alert triage workflows, and how SOC teams consume EDR output.

• Can build and evaluate labeled ground truth datasets — knows what a correct detection actually looks like.

• Fluent in FP/FN tradeoffs and confidence scoring in real production environments.

Detection & Measurement Methodology (primary owner)

• Defines ground truth methodology and oversees execution (initially with intern support).

• Designs confidence scoring approach and FP/FN threshold definitions.

• Owns calibration and recalibration methodology as the system evolves.

• Defines what “correct” looks like for tuning recommendations, translates missed detections into vendor-accurate guidance.

Travel Required

We are a fully remote company, and this job may require up to 10% travel.

Perks of Horizon3.ai

• Inclusive Team: We value diversity and promote an inclusive culture where everyone can thrive.

• Growth Opportunities: Be part of a dynamic and growing team with numerous career development opportunities.

• Innovative Culture: Work in a collaborative environment that encourages creativity and out-of-the-box thinking.

• Remote Work: We are a 100% remote company. Enjoy the convenience and work-life balance that comes with remote work. 

• Competitive Compensation: We offer competitive salary, equity and benefits. Our benefits include health, vision & dental insurance for you and your family, a flexible vacation policy, and generous parental leave.

Compensation and Values

At Horizon3, we believe that our people are our greatest asset, and our compensation philosophy reflects this core value. We are committed to fostering an environment where all employees feel valued, respected, and rewarded for their contributions. Our compensation structure is designed to be fair, competitive, and transparent, ensuring that every team member is recognized and compensated equitably across roles, levels, and locations.

In accordance with various State’s transparency regulations, we provide the following salary range information for this position:

• Base salary range $220,000 - $275,000 annually. The exact salary will be determined based on the selected candidate’s location, qualifications, experience, and relevant skills.

• Additional compensation: All full-time roles are eligible for an equity package in the form of stock options.

You Belong Here

Horizon3 is not just an equal opportunity employer - we are a community that values diversity, equity, and inclusion as fundamental principles of our culture and success. We are dedicated to fostering a workplace where everyone feels welcome and respected, regardless of race, color, religion, sex, national origin, age, disability, veteran status, sexual orientation, gender identity or expression, genetic information, marital status, or any other legally protected status by law.

Our commitment to diversity and inclusion means we strive to attract, develop, and retain a workforce that reflects the varied communities we serve. We believe that diverse perspectives drive innovation and strengthen our ability to create cutting-edge cybersecurity solutions. At Horizon3, every team member is valued and supported in an environment that encourages personal and professional growth.

We welcome candidates from all backgrounds and experiences, and we encourage all qualified individuals to apply. Come be a part of Horizon3, where your unique contributions are recognized, and your potential is limitless.

Other Duties

Please note this job description is not designed to cover or contain a comprehensive listing of activities, duties or responsibilities that are required of the employee. Duties, responsibilities, and activities may change at any time with or without notice.