← view all openings
We're a fully distributed team and as required by federal law this role is open only to any US citizen based in the US.
Why | What | Role | Stack | Challenges | How we work | Comp | Traction | Funding | Team
Nation states, criminal organizations, and lone wolves attempt to phish businesses, non-profits, and governments 24/7/365. When they succeed it can be extraordinarily destructive, disrupting coronavirus research, impacting a US presidential election, or damaging a country’s national defense. Email is the #1 attack vector, and last year phishing cost US businesses over $9B in direct financial losses.
Security professionals deserve superpowers that make them the heroes in this fight.
Sublime is making email security programmable.
Many companies have tried to solve phishing using black box ML. They've failed for the past 20 years. We're taking a different approach - we've created a DSL to enable security professionals, IT admins, and academic researchers to quickly develop new phishing detection rules. These new, community-built rules can be powered by arbitrary sets of ML models, 3rd party enrichment services, and custom functions. All backed by a GitHub-like system for version control that makes sharing and collaboration easy for the first time ever.
Here's an example of a moderately sophisticated phishing detection rule that is written in Sublime's Message Query Language (MQL):
type.inbound and any(body.links, .href_url.domain.domain in $free_file_hosts) and sender.email.domain.root_domain in $free_email_providers and emailrep(sender.email.email).suspicious and sender.email.email not in $sender_emails
This rule is looking for a common technique used by APT29, the Russian threat group that leaked the DNC emails in 2016.
To see more rule examples and for a deeper dive into Sublime, check out our early access docs.
We're looking for a backend engineer with experience in Go or a willingness to learn.
Ideally, you have owned the technical roadmap for a business area or product, have delivered large-scale production systems in cloud-native environments, and have experience shipping high-quality code quickly and securely.
At Sublime you will have an opportunity to:
If you feel like you don’t meet all of the requirements for this role, we encourage you to apply anyway. Imposter syndrome can get in the way of meeting incredible teammates, and we don’t want it to get in the way of meeting you.
Experience with any of these is a plus but not a requirement.
Go, Postgres, AWS, Docker