Job Specifications
Escape is one of Europe's fastest-growing cybersecurity startups, backed by Y Combinator, building AI-powered automated penetration testing that finds vulnerabilities before attackers do. We've secured dozens of prestigious enterprise customers, are growing 15%+ MoM, and just closed an $18M Series A (announcement coming soon).
We operate with a US go-to-market playbook (product-led, fast iteration cycles, aggressive growth targets) combined with deep European engineering DNA. Our 15-person engineering team ships weekly, owns what they build, and solves hard problems at the intersection of security, distributed systems, and AI.
We're looking for a Full Stack Engineer (Mid-Level) to own significant features end-to-end on our SaaS platform: the interface through which security teams discover, triage, and remediate vulnerabilities across their applications.
You'll work in a squad of 4 engineers with a Technical Lead. Senior here means you drive technical decisions within your scope, mentor others, and ship autonomously. You won't be pixel-pushing mockups: you'll be deciding how to build things.
Context
Location: Paris (75002), 2 days remote/week
Company: Escape – Leading AI Cybersecurity Startup
Cofounders: CEO (Tristan Kalos) and CTO (Antoine Carossio)
Engineering Team: 15 Engineers, 4 Technical Leads, 2 Product Owner
What you will actually work on
Building a product that stays fast at enterprise scale: You’ll ship UIs that remain snappy with large datasets: tens of thousands of assets/endpoints, millions of findings, complex faceted search, and real-time refresh.
PostgreSQL & data performance that actually matters: Our product is data-heavy and latency-sensitive. You will work with advanced SQL functionalities : query design, indexing strategies, pagination, caching where it makes sense, and shaping data for GraphQL so the UI stays responsive.
AI-native interfaces: We’re building workflows where AI meaningfully changes how security teams work: guided triage, assisted remediation, smart extraction of insights from noisy scans — all embedded into the product, with tight UX and reliability requirements.
Security & developer workflows end-to-end: You’ll design and ship the experience from discovery → triage → remediation: risk scoring views, remediation journeys, and the integrations that make it real (webhooks, CI/CD, Git providers, ticketing).
Architecture decisions that stick: We’re scaling fast and iterating weekly. You’ll influence both data modelling and system design — with a strong bias toward pragmatic, maintainable systems.
Impactful changes: You won’t just implement tickets. You’ll take a problem from the customer’s pains to shipping solutions, measuring and mentoring others along the way.
Our Stack
Frontend: Svelte + TypeScript, GraphQL (client)
Backend: Node.js, GraphQL (Yoga + Pothos), Prisma, PostgreSQL, Kafka
Infrastructure: AWS (FTR-certified), GitLab CI, Grafana
Deep Tech (exposure, not required): Python (AI/ML), Go (network tooling)
Compliance: We follow modern standards: comprehensive test coverage (unit, integration, E2E), Codecov, SOC-2 compliant processes. Code review is rigorous but not bureaucratic.
Perks
Significant equity (Stock Options/BSCPE), making you a true stakeholder in our success.
Top-tier health insurance with Alan
Meal vouchers with a Swile
Sport subscription with EGYM Wellpass (ex Gymlib)
A place to learn and grow: Access to books and online courses to help you excel in your role
Top-tier equipment to do your best work
Free time to work on cool Open Source Projects.
Opportunities to present research and engineering work at international conferences like RSAC, BSides, BlackHat, DEFCON, APIDays (New York, Las Vegas, San Francisco, London, Paris, Berlin, Barcelona)
Experience
2+ years building production web applications, with depth in both frontend and backend
Strong TypeScript: not just "can write it" but actually leverages the type system
GraphQL experience: you've designed schemas, not just consumed them
Ownership mentality: you see a problem, you fix it, you don't wait for permission
Clear communication: can explain technical tradeoffs to non-technical stakeholders
Bonus points:
Experience with Svelte (or willingness to ramp fast: it's learnable in a week if you know React/Vue)
Background in security, DevSecOps, or developer tooling
Startup experience: you know what "shipping fast" actually means
We respect your time and will make it quick and efficient. The entire process will be completed within1 week.
1 meeting with the HR representative - 30 minutes
Technical challenge
1 technical deep dive with the Technical Lead - 1 hour
1 personal experience interview the Head of Engineering - 1 hour
1 leadership & strategy interview the CTO - 30 minutes
Formal hiring proposal.