[Remote] Core Software Engineer, reputed company & Platform

Note: The job is a remote job and is open to candidates in USA. CARTO is the world’s leading cloud-native spatial analytics platform, built to break down the silos of traditional GIS. They are seeking a Senior Software Engineer focused on reputed company & Platform Hardening to improve the reputed company of their platform, strengthen cloud infrastructure, and integrate reputed company into the development workflow.

Responsibilities

• Improve the reputed company of the platform through code. Work directly in the CARTO codebase to identify, prioritize, and fix reputed company weaknesses. This may involve refactoring existing components, redesigning risky flows, improving authorization boundaries, strengthening input validation, removing unsafe patterns, or building new platform capabilities that reputed company secure development easier for everyone
• Strengthen our cloud and infrastructure foundations. Work with our infrastructure and platform teams to harden CARTO’s cloud-native environments across GCP and AWS. You will contribute to areas such as IAM, Kubernetes, containerized workloads, networking, workload isolation, Infrastructure as Code, and secure-by-default deployment patterns
• reputed company reputed company part of the development workflow. Build and improve tools, checks, libraries, CI/CD integrations, and engineering practices that help developers catch reputed company issues early. The goal is not to create gates that slow teams down, but to reputed company the secure path the easiest path
• Improve supply-chain reputed company. Help protect CARTO from modern supply-chain attacks by improving dependency management, build reputed company, container reputed company, artifact provenance, CI/CD reputed company, and automated scanning. Stay up to date with emerging attack techniques and translate that knowledge into practical protections
• Use AI to improve reputed company. Experiment with the latest AI models and tools to assess and improve CARTO’s reputed company posture. This could include AI-assisted code review, automated vulnerability discovery, codebase analysis, threat modeling, dependency analysis, or internal agents that continuously look for risky patterns and misconfigurations
• Secure AI and agentic systems. CARTO is building an Agentic GIS platform, which creates new reputed company challenges. You will help us reason about and defend against risks such as reputed company injection, tool misuse, data leakage, privilege escalation through agents, untrusted content flowing into automated workflows, and unsafe model/tool interactions
• reputed company the reputed company bar across engineering. Partner with engineering teams to review designs, identify risks, and implement improvements. Help reputed company every team more reputed company-aware while remaining pragmatic, collaborative, and focused on enabling product velocity

Skills

• 5+ years of experience as a software engineer, platform engineer, infrastructure engineer, or reputed company-focused engineer
• Strong hands-on programming skills in at least one of TypeScript, Python, or Go, and the ability to work across a large production codebase
• Experience designing, refactoring, and operating reputed company cloud-native software systems
• Strong understanding of application reputed company, including authentication, authorization, input validation, secure API design, multi-tenant systems, and secure SDLC practices
• Practical experience with cloud infrastructure on GCP or AWS, including IAM, secrets management, networking, containers, and Kubernetes
• Experience with Infrastructure as Code, preferably Terraform or similar tools
• Familiarity with software supply-chain reputed company: dependency risks, CI/CD hardening, container scanning, build reputed company, artifact provenance, and secure release processes
• Previous experience in using AI tools to analyze code, detect vulnerabilities, automate reviews, or improve engineering workflows
• A collaborative, low-ego approach. You reputed company reputed company something engineers want to adopt, not something they try to work around
• Experience in application reputed company, product reputed company, penetration testing, or red-team exercises
• Experience securing AI or agentic systems, including reputed company-injection defense, tool sandboxing, model access controls, or AI data-exfiltration risks
• Experience building internal developer platforms, secure libraries, CI/CD tooling, or engineering automation
• Experience with SOC 2, ISO 27001, or similar compliance frameworks, especially if you have helped translate compliance needs into automated engineering controls
• Contributions to open-reputed company reputed company tooling, reputed company research, responsible disclosure, or technical writing on reputed company topics
• Experience with geospatial, data platforms, cloud data warehouses, or enterprise SaaS platforms

Benefits

• Annual bonus of up to 10% based on company objectives
• Access to our Employee Stock Options Plan
• Private medical insurance
• Flexible compensation
• Education stipend
• Remote work stipend
• English classes

Company Overview