Job Specifications
We're Escape, YC-backed, Series A, growing 15%+ month-over-month. Our AI-powered platform does automated penetration testing for companies like Zoom, Air France-KLM, Vanta, and Miro. We find vulnerabilities before attackers do.
Location: Paris (75002), 2 days remote/week
Cofounders: CEO (Tristan Kalos) and CTO (Antoine Carossio)
Team: 15 engineers. Weekly shipping. Real autonomy. No feature factories.
What you'll own
You'll join a squad of 4 engineers with a Tech Lead. "Senior" here means you drive decisions, not implement tickets. Concretely:
Ship product that works at enterprise scale: tens of thousands of assets, millions of findings, complex search, real-time refresh. You'll make it stay fast.
Solve hard data problems: PostgreSQL performance, query design, indexing strategies, pagination, caching. Our product is data-heavy and latency-sensitive. This isn't CRUD.
Build AI-native workflows: guided triage, assisted remediation, smart extraction from noisy scans. AI is embedded into the product, not bolted on.
Own the full journey: from vulnerability ingestion → triage → remediation. Risk scoring, developer integrations (CI/CD, Git, ticketing), the whole loop.
Shape the architecture: data modelling, system design, GraphQL schema. You'll influence how we build, not just what.
Stack
Frontend: Svelte + TypeScript, GraphQL client
Backend: Node.js, GraphQL (Yoga + Pothos), Prisma, PostgreSQL, Kafka
Infra: AWS, GitLab CI, Grafana
Deep tech: Python (AI/ML), Go (network tooling)
SOC-2 compliant. Rigorous code review. Comprehensive test coverage. Not bureaucratic.
What's in it for you
€80K–105K base salary, based on experience
Meaningful equity (BSPCE): you're joining a rocketship post-Series A, pre-scale
Real impact: you'll talk to customers, see your work in production weekly, influence product direction
Conference speaking: we send engineers to RSAC, BlackHat, DEFCON, BSides (NYC, Vegas, SF, London, Paris)
Growth path: Tech Lead track is open and real, not theoretical
Health (Alan), meals (Swile), sport (EGYM Wellpass), top-tier equipment, open-source time
Experience
5+ years shipping production web apps, strong on both frontend and backend
TypeScript fluency: you actually leverage the type system, not just tolerate it
GraphQL depth: you've designed schemas, not just consumed them
Ownership mindset: you see a problem, you fix it, you don't file a ticket and wait
Clear communicator: can explain tradeoffs to non-technical stakeholders
Bonus: Svelte experience · Security/DevSecOps background · Startup DNA
Interview in 1 week, no BS
HR chat — 30 min
In-person challenge and technical deep dive — 1h
Leadership & strategy with CTO — 30 min
Offer
About the Company
Escape is the only DAST that works with your modern stack and tests business logic instead of missing headers. It fits right into your modern stack, supporting modern web frameworks, APIs, CI/CD, and Wiz without hassle.
With Escape, you can:
1. Document all your APIs & Web Apps in minutes and enrich your inventory with seamless integrations.
2. Discover vulnerabilities even at a business logic level with our proprietary AI-powered algorithm.
3. Remediate issues efficiently with code snippets tailored to each framework
Know more