Lead Security Software Engineer

We seek a passionate and motivated Lead Security Software Engineer to join our team. This is a great opportunity for an experienced software engineer with a special interest in software security throughout all stages of the development cycle; design, implementation, and operations.

About Vespa.ai

:Vespa.ai is a team of passionate builders. We maintain and develop the Apache 2.0 licensed open-source project Vespa. Vespa lets our users run big data + AI, online. At any scale, with unbeatable performance

.Vespa is a fully featured search engine and vector database. It supports vector search (ANN), lexical search, and search in structured data, all in the same query. Integrated machine-learned model inference allows to apply AI to make sense of data in real-time. Together with Vespa's proven scaling and high availability, this empowers to create production-ready search applications at any scale and with any combination of features. Our users and customers are #1 in e-commerce, content, and financial services globally and used by companies like Spotify, Yahoo, Wix, and many more

.In addition to our open-source platform, Vespa.ai runs Vespa Cloud, a robust SaaS offering that allows businesses to easily harness the power of our technology

.At Vespa.ai, we are a security-first company and are extremely focused on automating whatever we do to grow fast with high quality while maintaining industry-leading, strong security. In all roles, we scale using technology, not simply larger teams. We take pride in being small, nimble, and the most productive

.
Position Overvie

w:As the Lead Security Software Engineer at Vespa.ai, you will be critical in ensuring the security of our products, infrastructure, and data. You will be a security champion within our engineering team, driving the implementation of secure coding practices and leading security initiatives. You will be a hands-on developer, contributing to our codebase while also providing guidance and mentorship to other engineers on security best practices. This role reports directly to the CTO and offers a unique opportunity to shape the security strategy of a growing compan

y.As the Lead Security Software Engineer at Vespa.ai, you will collaborate with cross-functional teams to design, implement, and maintain robust infrastructure solutions and features that meet our high availability requirement

s.An ideal candidate dislikes doing things twice and instead automates using Java or scripts, with proper monitoring, such as creating alerts, badges, and dashboard

s.
The responsibilities of this position inclu

• de:Develop and maintain secure software using Java, GoLang, and other relevant technologi
• es.Stay up-to-date on the latest security threats and vulnerabiliti
• es.Collaborate on threat modeling, risk assessments, and secure architectu
• re.Oversee security tools (e.g., static analysis, vulnerability scans) and workflo
• ws.Coordinate regular security assessments, code reviews, and penetration testing with our security technology partne
• rs.Identify and mitigate security vulnerabilities in our products and infrastructu
• re.Define, implement, and champion security best practices, training, and guidelines across tea
• ms.Collaborate with the CTO to define and implement the company's security strate
• gy.Communicate security risks and solutions clearly to technical and non-technical audienc

es.
We code using Mac or Linux laptops, using tools of our own choice. Everything we do is auto-tested and released daily. Technology we

• use:C++, Java, GoLang, Py
• thonJavaScript/TypeScript, Mantine, R
• eactONNX, LangChain, Hugging
• facePodman, Do

cker
Qualificat

• ions:Right to work in N
• orwayComputer Science (or similar) graduate. Excellent problem-solving and troubleshooting sk
• ills.Strong software development skills (preferably Java or similar) and a solid software engineering backgr
• ound.Practical knowledge of secure coding principles (OWASP Top Ten, encryption, authenticat
• ion).Experience with security testing tools and techni
• ques.Knowledge of common security vulnerabilities and attack vec
• tors.Passion for security and a desire to stay ahead of the c
• urve.Comfortable with cloud infrastructure and modern DevOps pract
• ices.Excellent English communication and collaboration skills; enjoy teaching and advocating for secu

rity.

• Bonus:Experience with cloud security (AWS/GCP/A
• zure).Knowledge of cryptography and secure coding prac
• tices.Familiarity with security standards and frameworks (e.g., SOC2, ISO 27001, NIST Cybersecurity Frame
• work).Experience with incident response and vulnerability manag
• ement.Familiarity with container security (Kubernetes, Docker) and autom
• ation.Familiarity with distributed sy

stems.
Why J

• oin Us:Help formulate and execute the security strategy for a start-up handling data for some of the world's largest com
• panies.Be part of a cutting-edge team working on innovative search and recommendation tech
• nology.Contribute to the development of a high-performance, open-source platform with a global
• impact.Collaborate with a talented team of engineers, product experts and
• sales.Competitive salary, benefits, and opportunities for professional

growth.
If you are excited about the intersection of open source, search and recommendation systems, AI integration, and have a genuine passion for quality and automation, we would love to hear from you! Apply now to join the Vespa Team and play a key role in shaping the future of our i

ndustry.Please attach university transcripts for our eva

luation.
Note: Vespa.ai is an equal-opportunity employer. We are committed to creating an inclusive environment for all employees. We believe in fostering a collaborative and inclusive environment where every team member has the opportunity to make a significan