Enterprises spend fifteen billion dollars annually to set access permissions
on and protect stored data. But to secure this same data moving within cloud
applications, they spend nearly ten-times as much because APIs and application
security tools ignore those permissions. The purpose of security defenses is
to prevent unauthorized access to data, yet without those permissions they are
left to detect threats and anomalies that overwhelm incident response teams
with false positives. And now, because GenAI sends and stores data in small
chunks, data deduplication-like issues creep in to make the problem worse.
Caber is addressing this critical challenge in enterprise security with a
groundbreaking technology that protects access to data moving in APIs and
GenAI applications using the same permissions enterprises put on data in
storage systems. Because Caber can trace data lineage through APIs at the byte
level, we can offer what one prospective customer called “infinitely valuable”
capabilities that deliver a “huge time and resource savings with increased
accuracy” over existing Cloud Native Application Protection Platforms
(CNAPPs).
Enterprise security buyers are hungry for tools that can be deployed easily
and improve security. Wiz beat Lacework and Palo Alto Networks in the CNAPP
space with better management but no better security outcome. In fact, security
is getting worse. In the four years since Wiz was founded, false positive
rates per incident found increased 20%, while the number of incidents found
decreased 10%.
Caber is ready to change the game on Cloud-Native and GenAI-Native application
security. With Caber incident detection is deterministic, without false
positives, because Caber can trace the lineage of the bytes in API payloads
and authorize access to them using the permissions from the objects, files,
and database records they come from. AI-analysis of data we generate in the
process delivers meaningful insights and observability at an unprecedented
level of granularity to pinpoint mistakes, attacks, configuration issues, and
reduce incident analysis from months to minutes.
You will be responsible for building the core engineering team and taking the
MVP code we have to GA on an aggressive schedule. You will define the culture
of engineering with your passion, work ethic, and confidence.
**Personality:**
* You're likely an extrovert, ambitious, passionate, with grit to 'get it done'
* You easily gain respect with your technical competence and open management style.
* You're curious and dig deep into latest research and new tech that others may miss.
* You've got strong opinions and the confidence to express them.
* You're decisive and quickly deal with conflict.
* You listen to all ideas from team members and are quick to accept better approaches
* You ask questions before drawing conclusions or passing judgement.
* You are a leader and comfortable working in startups
**Job Qualifications and Requirements:**
* Track record of success at vendors building cloud-scale enterprise security products
* Batchelor degree or higher in engineering, computer science, math, physics, etc.
* Generalist across the cloud tech stack, Terraform, Python, C/C++, UI/UX, AI/ML, data, etc.
* Recruit and hire 3-5 founding engineers within 2 months.
* Establish the tools and workflow needed for efficient and secure development.
* Manage the entire engineering process (plan, arch, dev, QA, DevSecOps, support)
* Must be a US Citizen or Permanent Resident
