Arcjet is hiring a product focused security engineer to help build the future of developer security.

This is an unusual role that sits across two core disciplines - security and product engineering. We’re looking for someone with a security background, particularly with bot protection and attack detection, who wants to write and deploy code as a key part of the team building an innovative new security product.

Did you (or would you) stop by the appsec or cloud villages? Do you have a particular interest in 🦀 Rust, 🦫 Go, 🏗️ WebAssembly, and/or 👾 developer native security? If so, we want to talk to you.

About Arcjet

Arcjet’s mission is to be the default security layer for all apps

Arcjet helps developers protect their apps in just a few lines of code. Bot detection. Rate limiting. Email validation. Attack protection. Data redaction. A developer-first approach to security.

Developers care about security, but it’s often a pain amongst all the many other things on their todo list. Arcjet helps developers protect their apps against a range of security risks so they can get on with everything else.

Priority 0: Developer experience

Arcjet's top priority is developer experience. This is what sets us apart from other security companies. We want to remove the pain of dealing with security challenges and we’re failing if developers are not delighted by the Arcjet experience.

What does that mean?

• A native SDK experience → Each SDK should be designed with the specific language and tech stack in mind, ensuring that its ergonomics are tailored to the expectations of developers native to that ecosystem.
• It works → Too many products have broken documentation, incomplete code examples, complex installation instructions, and basic features that do not work properly. Does nobody test these things?! Arcjet is aiming for a seamless experience from signup to deployment. If you’ve deployed code in seconds to Vercel or Netlify, launched infra around the world with Fly.io, branched your database in Planetscale or Neon, easily created your own private network with Tailscale, or optimized your workflow with Raycast, you’ll know the kind of experience we’re aiming for.
• Thinking like a developer → Developers want to use tools designed for them. Our goal is to make their lives easier and earn their trust by helping solve their security problems. To achieve this, we need to meet developers where they are: in code, in their preferred editors, through self-service options, directly integrated with their frameworks, and through channels like YouTube, Slack, Discord, and developer conferences. Our aim is for Arcjet to become the default choice for developers to secure their Django, Rust, Next.js, Go, Laravel, Ruby, (and more!) apps.

We’ve spent years playing around with devtools all day (our CEO writes the console.dev devtools newsletter), so we understand what it takes to build a world class developer experience. This is key to how Arcjet is different from all the other security companies, and means you’ll be at the leading edge of building the next generation of security tools.

How we work

Remote-first, in-person regularly

We are set up as a remote-first, distributed company (US and Western EU timezones). However, in-person makes a big difference. We organize meetups 2-3 times a year for the whole team to work from the same place, kick off new projects, complete challenges, build the product, and get to know each other in real life.

Real-time sometimes, asynchronous most of the time

Group chat is the best way to stress out your team. Although we use Slack, it’s primarily for quick discussions, hashing through a problem in real-time, socializing and sharing interesting things. Our Slack messages are automatically deleted after 7 days and anything important gets migrated to Notion or GitHub.