**Location:** Remote (US, EU, UK time zones preferred)
**Type:** Full-time
**Reporting to:** Founder / CEO
**Salary band:** $140k–$190k base + 0.5–1.0% equity + benefits
---
## About SecureFlow
SecureFlow is the AI vendor security questionnaire platform that helps B2B SaaS companies answer SIG, CAIQ, and custom security questionnaires in hours instead of weeks. We use retrieval-augmented generation (RAG) grounded in customers' own policies to draft answers with citations — eliminating the hallucination risk that makes general-purpose LLMs unsafe for compliance work.
We are a small, fast-moving team building toward a multi-million dollar ARR business. This is a foundational engineering hire — you will help shape the product, the technology, and the engineering culture from very early days.
## What you'll do
- **Own end-to-end features** from technical design through deployment and monitoring
- **Architect and improve our RAG pipeline** — embeddings, retrieval quality, citation accuracy, and prompt engineering
- **Build core product surfaces** in our Next.js + TypeScript + Prisma stack (questionnaire workspace, document vault, billing, admin)
- **Lead technical decisions** on data model, AI model selection, infrastructure, and developer tooling
- **Mentor junior engineers** as we grow — code reviews, pairing, and elevating the team's bar
- **Talk to customers directly** to understand pain points and inform product decisions
- **Own production reliability** — alerts, on-call rotation (very light at our stage), and incident response
## What you'll bring
**Required:**
- 5+ years of professional software engineering experience
- Strong full-stack engineering with TypeScript, modern React/Next.js, and a relational database (PostgreSQL or SQLite)
- Hands-on experience with LLM-based applications — OpenAI, Anthropic, or open-source models — including prompt design and evaluation
- Experience with at least one production RAG system (embeddings, vector search, document chunking, citation tracking)
- Comfort owning a product surface end-to-end without supervision
- Strong written communication; you can write a technical design doc that the team understands
**Nice to have:**
- Experience in security, compliance, or GRC tooling
- Production experience with Stripe billing, OAuth providers, multi-tenant data isolation
- Experience evaluating model output quality with structured eval harnesses
- Open-source contributions or a public technical blog
- Prior early-stage startup experience (Seed to Series A)
## Our stack
- **Frontend:** Next.js 15 (App Router), React 19, TypeScript, Tailwind CSS
- **Backend:** Next.js API routes, Prisma ORM, SQLite (migrating to Postgres)
- **AI:** OpenAI (GPT-4o, embeddings), custom RAG pipeline
- **Infrastructure:** Hostinger VPS (will migrate to AWS / Vercel as we scale), PM2, Nginx
- **Auth:** JWT sessions, Google OAuth
- **Billing:** Stripe (Checkout, Customer Portal, Webhooks)
- **Tooling:** GitHub, Cursor, ESLint, Prettier
## Interview process
1. **Screen call** with the founder (30 min)
2. **Paid take-home challenge** (4 hours, $150) — build a small RAG-grounded answering feature
3. **Technical deep-dive** with the founder (45 min) — discuss your take-home, architecture choices, and trade-offs
4. **Values + ways of working** interview (45 min)
5. **Founder interview** — vision, roadmap, how we work together (45 min)
6. **Reference checks** (2 references)
7. **Offer** — typically within 14 business days of first contact
## Compensation
- **Base salary:** $140k–$190k depending on experience and location
- **Equity:** 0.5%–1.0% of fully diluted shares, 4-year vest with 1-year cliff
- **Sign-on bonus:** Up to $10k
- **Benefits:** Health/dental/vision, $1,500 home office stipend, $1,500 annual learning budget, MacBook Pro, unlimited PTO
## How to apply
Email **** with:
- Subject: `Senior Software Engineer — [Your name]`
- Your CV or LinkedIn URL
- A short note (no more than 200 words) on a RAG or LLM-based system you've built and what you learned from it
- Optional: links to GitHub, blog, or anything else you want us to see
We read every application personally and respond within 5 business days.
---
*SecureFlow is an equal opportunity employer. We hire based on capability, evidence of impact, and how candidates show up in our process — not on credentials, school, or background.*