- Oneleet (YC S22) | Multiple Roles | US & NATO Countries | Remote | Full-time
Oneleet is an all-in-one cybersecurity startup that has built its own Attack Surface Monitoring (ASM), Code Scanner, Device Monitoring, and Compliance Platform. We are growing at an unprecedented pace and working on some very exciting projects.
What we're looking for:
Strong problem solvers who can work independently in a remote environment - Security-minded professionals passionate about building robust, scalable systems - Comfortable working during Eastern Time
Tech stack: Go, TypeScript, React, Kubernetes
Open roles:
* Software Engineer, Backend
* Software Engineer, Cloud Security Posture Management
* Application Software Engineer, Endpoint Security
* Security Program Manager (EU Timezone)
* Technical Sales (must have background in Computer Science or Cybersecurity)
* Invoicing Coordinator
We offer:
- Competitive salary - Equity in a fast growing cybersecurity startup - 100% remote work - Company offsites every quarter (past offsites have been in The Netherlands and Italy)
If you're interested in joining our team, please reach out to samuel<at>oneleet<dot>com with the subject line "HN: <Job Title>".
Alternatively, you can also apply at https://www.ycombinator.com/companies/oneleet/jobs
- Oneleet (YC S22) | Multiple Roles | US & NATO Countries | Remote | Full-time
Oneleet is an all-in-one cybersecurity startup that has built its own Attack Surface Monitoring (ASM), Code Scanner, Device Monitoring, and Compliance Platform. We are growing at an unprecedented pace and working on some very exciting projects.
What we're looking for:
Strong problem solvers who can work independently in a remote environment - Security-minded professionals passionate about building robust, scalable systems - Comfortable working during Eastern Time
Tech stack: Go, TypeScript, React, Kubernetes
Open roles:
* Senior Software Engineer (Backend)
* Application Software Engineer (Endpoint Security)
* Security Program Manager (EU Timezone)
* Internal Security Compliance Auditor
* Technical Sales (must have background in Computer Science or Cybersecurity)
* Invoicing Coordinator
We offer:
- Competitive salary - Equity in a fast growing cybersecurity startup - 100% remote work - Company offsites every quarter (past offsites have been in The Netherlands and Italy)
If you're interested in joining our team, please reach out to samuel<at>oneleet<dot>com with the subject line "HN: <Job Title>". If you have already applied but haven't heard back, feel free to follow up on the thread, things have been super busy!
Alternatively, you can also apply at https://www.ycombinator.com/companies/oneleet/jobs
- Oneleet (YC S22) | Multiple Roles | US & NATO Countries | Remote | Full-time
Oneleet is an all-in-one cybersecurity startup that has built its own Attack Surface Monitoring (ASM), Code Scanner, Device Monitoring, and Compliance Platform. We are growing at an unprecedented pace and working on some very exciting projects.
What we're looking for:
Strong problem solvers who can work independently in a remote environment - Security-minded professionals passionate about building robust, scalable systems - Comfortable working during Eastern Time
Tech stack: Go, TypeScript, React, Kubernetes
Open roles:
* Senior Software Engineer (Backend)
* Security Program Manager
* Internal Security Compliance Auditor
* Technical Sales (must have background in Computer Science or Cybersecurity)
* Invoicing Coordinator
We offer:
- Competitive salary - Equity in a fast growing cybersecurity startup - 100% remote work - Company offsites every quarter (past offsites have been in The Netherlands and Italy)
If you're interested in joining our team, please reach out to samuel<at>oneleet<dot>com with the subject line "HN: <Job Title>". If you have already applied but haven't heard back, feel free to follow up on the thread, things have been super busy!
Alternatively, you can also apply at https://www.ycombinator.com/companies/oneleet/jobs
- Oneleet (YC S22) | Multiple Roles | US & NATO Countries | Remote | Full-time
Oneleet is an all-in-one cybersecurity startup that has built its own Attack Surface Monitoring (ASM), Code Scanner, Device Monitoring, and Compliance Platform. We are growing at an unprecedented pace and working on some very exciting projects.
What we're looking for:
Strong problem solvers who can work independently in a remote environment - Security-minded professionals passionate about building robust, scalable systems - Comfortable working during Eastern Time
Tech stack: Go, TypeScript, React, Kubernetes
Open roles:
* Senior Software Engineer (Backend)
* Security Program Manager
* Internal Security Compliance Auditor
* Technical Sales (must have background in Computer Science or Cybersecurity)
We offer:
- Competitive salary - Equity in a fast growing cybersecurity startup - 100% remote work - Company offsites every quarter (past offsites have been in The Netherlands and Italy)
If you're interested in joining our team, please reach out to samuel<at>oneleet<dot>com with the subject line "HN: <Job Title>". Alternatively, you can also apply at https://www.ycombinator.com/companies/oneleet/jobs
- I have always said that you can gain more value from self-help/life management type books by reading the table of contents and then spending the time you would have read the book just thinking about those topics and coming to your own conclusions.
This is obviously a bit hyperbole but seriously most self help books could be an article instead and I wouldn't miss anything that was cut
- The very first test can be a simple "Did my HTTP request receive a response?". Then you can build on "Does this HTTP response have this value I need".... etc
The way I have always gone about TDD is just that I am testing the code I am writing by running the test, not from the main entrypoint of the application. The things you would log and look for when you run the application you instead validate with an `assert()`. Then once you have finished developing, you do a single pass verification from main and you have both a test and a function written
- I think that while storing a TOTP in your password manager is less secure than using an external app, I also feel like this is missing a large portion of when I am storing a TOTP in Bitwarden - shared accounts.
Being able to store a TOTP in my password manager allows me to have a shared account still use 2FA - and provided all parties also have 2FA on their Bitwarden accounts I think this is a pretty secure system and much preferable to one party having TOTP and everyone else needing to email or message them to get the code. Especially considering that as the number of "Hey can you send me the code to log in real quick" messages the 2FA holder gets goes up, the likelihood they get complacent and just start automatically responding could also create a threat vector.
- Most people do not want/need this, so the original point stands
- This must be regional because I have been using a chip-and-pin card for the last 5 years and I cannot for the life of me remember the last time I had to physically swipe the card. Tap support is definitely still spotty but that is something that is more of a convenience than a security issue
- Link should probably be to the github status page, not to a random tweet:
- This is something I have come to realize I unconsciously have gotten very dependent on - MacOS let's you swap virtual desktops for the monitor you are currently focused on without swapping any of the others. I never realized how intuitive this is until switching back to my XFCE linux installation and getting very frustrated with virtual desktops entirely. I might have to give dwm a try again on my linux machine if it supports this.
- I would actually disagree - to me you can have "decent separation of concerns in your code" but still have only built the app to support a single entry point. "Modular monolith" to me is a system that is built with the view of being able to support multiple entry points, which is a bit more complex than just "separating concerns"
- I actually disagree tbh - web browsers are so ubiquitous at this point that I would consider them a core part of the desktop at this point. If I can use just the "core tools" of my OS to access something I would consider that clientless for all intents and purposes
- But the dockerfile format has nothing to do with the docker codebase right? I run all my docker containers with podman (I recently moved over due to the monetization issues you mentioned), but I still use dockerfile format because they are (imo) good enough and also ubiquitous
- Colorways is a pretty common word in other areas though, so it's not entirely made up. Colorways is used extensively in the shoe world to describe when new colors/patterns on an older shoe line drop.
- As someone who regularly has >300 tabs I can promise you that it is not because of any productivity gains (if anything the opposite lol)
- The union change seems really nice, and is much more intuitive for me personally.
I also feel like Structural Pattern Matching could be a really big positive change, but can't think of a place to use it in any of my smallish python projects
- Assuming that your sensitive data is a key part of your product offering (and if it isn't you shouldn't be storing it imo) - wouldn't logging all decryption requests just generate a lot of noise during the day-to-day operation of your application? I struggle to see a scenario where what you described actually increases the real-world security of your data, beyond allowing you to do a more in depth retrospective of who took what data (which can be achieved without the overhead of double encryption).
In the event that some DB creds get leaked or brute forced or however, to the application/DB those creds will look just as legit and any irregularities would only be discovered at best while the data is being taken
Oneleet is an all-in-one cybersecurity startup that has built its own Attack Surface Monitoring (ASM), Code Scanner, Device Monitoring, and Compliance Platform. We just raised a Series A and are growing at an rapid pace and working on some very exciting projects.
What we're looking for:
Strong problem solvers who can work independently in a remote environment - Security-minded professionals passionate about building robust, scalable systems - Comfortable working during Eastern Time
Tech stack: Go, TypeScript, React, Kubernetes
Open roles
* Software Engineer, Cloud Security Posture Management
* Application Software Engineer, Endpoint Security (macOS experience preferred)
* Fullstack Engineer, AI Implementation
* Security Program Manager (US/EU Timezone)
We offer:
- Competitive salary - Equity in a fast growing cybersecurity startup - 100% remote work - Company offsites every other quarter (past offsites have been in The Netherlands, Portugal and Italy)
If you're interested in joining our team, please reach out to samuel<at>oneleet<dot>com with the subject line "HN: <Job Title>" and your resume attached.
Alternatively, you can also apply at https://jobs.ashbyhq.com/oneleet