Reflectiz is a cybersecurity startup specializing in website and web application security. Our agentless solution monitors and detects vulnerabilities across all 1st-, 3rd- and 4th-party components, delivering complete visibility into web risk exposure.

We’re looking for a hands-on Software Developer who brings a hacker mindset to the table: always probing, questioning, and breaking systems to learn how to build them back stronger. You’ll work deeply with Chromium-based browser internals, vanilla JavaScript, Node.js, and TypeScript, and you’ll own full-lifecycle development in a GCP-powered, containerized environment.

What you'll do:

• Develop, extend, and debug Chromium-based browser components to harden web apps against real-world attacks.
• Build and maintain backend services in Node.js and TypeScript, with an emphasis on security and performance.
• Architect, deploy, and manage infrastructure on GCP using Terraform and Docker.
• Design and implement CI/CD pipelines that support rapid, reliable releases.
• Perform code reviews, write automated tests, and champion secure coding practices.
• Research emerging attack techniques and integrate learnings into product features.

Requirements:

• 2+ years of professional software development experience working directly with Chromium.
• Expert-level proficiency in vanilla JavaScript, Node.js, and TypeScript.
• Deep understanding of how web browsers work behind the scenes (rendering engine, DOM, event loop).
• Strong knowledge of iframes, Web APIs, and client-side interactions.
• Solid grasp of HTTP(S) fundamentals: request/response lifecycle, methods, headers, and status codes.
• Demonstrated “hacker mindset”: creative problem solving, relentless curiosity, and a proactive approach to uncovering and mitigating weaknesses.
• Strong communication skills and a collaborative spirit.

Bonus points for:

• Prior experience in web-app security or browser security.
• Exposure to CI/CD and DevOps workflows.
• A portfolio of open-source contributions or personal security research/projects.
• Deep familiarity with GCP services and best practices.
• Hands-on experience with Docker for containerization and Terraform for IaC.

What We Offer:

• The chance to build cutting-edge web-security defenses from the ground up.
• A tight-knit team culture that values innovation and ownership.
• Clear career pathways and professional development support.