What you will be doing

Design, build, and harden product features within a compliance-regulated cloud environment — writing code with a strong focus on security controls, data privacy, and auditability.
Build features specific to AWS GovCloud users: authentication methods required by federal agencies, audit and compliance capabilities, and tooling that makes it easier for customers to operate and audit their own Tines tenants.
Build abstractions that reduce friction for engineers across Tines to author and test features in a government cloud environment without needing direct access to it — environment-aware configuration, feature flags, and automated compliance boundary testing.
Enable software engineers to build new product features that work seamlessly across commercial and government cloud environments: observability, logging, and simplifying deployments.
Analyze our application for security gaps, identifying where existing functionality needs to be adapted, constrained, or hardened to meet government standards — and implement those changes yourself.
Work cross-functionally across product teams to align timelines and develop hands-on solutions that meet security controls, translating between compliance requirements and engineering reality.
Use your knowledge and experience to mentor other engineers on secure design patterns and building confidently for regulated environments.
Support our self-hosted federal customers operating in our CMMC environment, including handling escalations and complex, long-running support cases as part of the team's on-call responsibilities.

Projects you might work on

Building smart card authentication support so federal users can log in with their government-issued credentials alongside existing SSO integrations.
Making it easier for customers to operate and audit their own Tines tenants — richer audit logging, records retention controls, and exportable compliance evidence.
Building developer tooling and abstractions so engineers across Tines can author features that work in GovCloud without needing to understand every compliance constraint — automated testing that catches compliance boundary violations before they reach production.
Implementing security impact analysis and change control workflows directly into our development process, so compliance validation is part of shipping code rather than a separate step.
Ensuring our GovCloud SaaS and self-hosted customers can easily monitor, manage, and scale their dependencies like OpenSearch — building the in-product features and tooling that give customers visibility and control over their own infrastructure.
Collaborating closely with our Product and Design teams to determine which product capabilities need to be adapted or constrained for government environments — and finding the simplest path to get there.
Using our own product to automate compliance workflows — vulnerability tracking, change control documentation, and incident response runbooks powered by Tines.
Writing a blog post to share something interesting we learned about building for the government with the community.

Is this the right role for you?

Roughly 7+ years as a professional software engineer. Proven track record of success as a senior software engineer.
Direct experience of building and delivering software using a high-level programming language.
Experience building software that operates in compliance-regulated or security-sensitive environments is a strong plus (FedRAMP, FISMA, SOC 2, HIPAA, or similar).
Comfortable reasoning about security at the application layer: encryption, access control, audit logging, or data retention.
Main languages are Ruby and TypeScript, but prior experience not required.
Broad role across the stack; willingness to pitch in anywhere needed.
Customer obsessed and willing to go deep into unfamiliar stacks to find root causes for errors, performance issues, and bugs.