Senior Fullstack Engineer - Paris Office

Who are we?

Escape is one of Europe's fastest-growing cybersecurity startups, backed by Y Combinator, building AI-powered automated penetration testing that finds vulnerabilities before attackers do. We've secured dozens of prestigious enterprise customers, are growing 15%+ MoM, and just closed an $18M Series A (announcement coming soon).

We operate with a US go-to-market playbook (product-led, fast iteration cycles, aggressive growth targets) combined with deep European engineering DNA. Our 15-person engineering team ships weekly, owns what they build, and solves hard problems at the intersection of security, distributed systems, and AI.

Job description:

We're looking for a Senior Full Stack Engineer to own significant features end-to-end on our SaaS platform: the interface through which security teams discover, triage, and remediate vulnerabilities across their applications.

You'll work in a squad of 4 engineers with a Technical Lead. Senior here means you drive technical decisions within your scope, mentor others, and ship autonomously. You won't be pixel-pushing mockups: you'll be deciding how to build things.

Context

• Location: Paris (75002), 2 days remote/week
• Company: Escape – Leading AI Cybersecurity Startup
• Cofounders: CEO (Tristan Kalos) and CTO (Antoine Carossio)
• Engineering Team: 15 Engineers, 4 Technical Leads, 2 Product Owner

What you will actually work on

• Building a product that stays fast at enterprise scale: You’ll ship UIs that remain snappy with huge datasets: tens of thousands of assets/endpoints, millions of findings, complex faceted search, and real-time refresh — without turning the frontend into a slow, fragile mess.
• PostgreSQL & data performance that actually matters: Our product is data-heavy and latency-sensitive. You’ll work on the fun stuff: query design, indexing strategies, pagination patterns that don’t fall apart, reducing N+1, caching where it makes sense, and shaping data for GraphQL so the UI stays responsive.
• AI-native interfaces (not “add a chatbot”): We’re building workflows where AI meaningfully changes how security teams work: guided triage, “what should I fix first?” prioritization, assisted remediation, and smart extraction of insights from noisy scans — all embedded into the product, with tight UX + reliability requirements.
• Security & developer workflows end-to-end: You’ll design and ship the experience from discovery → triage → remediation: risk scoring views, remediation journeys, and the integrations that make it real (webhooks, CI/CD, Git providers, ticketing). It’s “full-stack” in the literal sense: UX, APIs, data model, and infra considerations.
• Complex, actionable visualization (not vanity charts): You’ll turn raw security signals into interfaces people use daily: attack-surface exploration, relationship graphs, drilldowns, comparisons over time, and “explainability” views that help teams trust the system and act quickly.
• Architecture decisions that stick: We’re scaling fast and iterating weekly. You’ll influence state management, caching strategy, GraphQL schema design, API contracts, and front/back boundaries — with a strong bias toward pragmatic, maintainable systems that keep shipping speed high.
• Owning features like a mini-founder: You won’t just “implement tickets.” You’ll take a problem from “why is this painful for customers?” to shipping the solution, measuring impact, tightening the loop, and mentoring others along the way.

Our Stack

• Frontend: Svelte + TypeScript, GraphQL (client)

• Backend: Node.js, GraphQL (Yoga + Pothos), Prisma, PostgreSQL, Kafka

• Infrastructure: AWS (FTR-certified), GitLab CI, Grafana

• Deep Tech (exposure, not required): Python (AI/ML), Go (network tooling)

• Compliance: We follow modern standards: comprehensive test coverage (unit, integration, E2E), Codecov, SOC-2 compliant processes. Code review is rigorous but not bureaucratic.

  Experience

  • 5+ years building production web applications, with depth in both frontend and backend
  • Strong TypeScript: not just "can write it" but actually leverages the type system
  • GraphQL experience: you've designed schemas, not just consumed them
  • Ownership mentality: you see a problem, you fix it, you don't wait for permission
  • Clear communication: can explain technical tradeoffs to non-technical stakeholders

  Bonus points:

  • Experience with Svelte (or willingness to ramp fast: it's learnable in a week if you know React/Vue)
  • Background in security, DevSecOps, or developer tooling
  • Startup experience: you know what "shipping fast" actually means

What we offer

• 💸 Equity: Significant BSPCE equity — we just raised at a strong valuation, and early engineering hires have meaningful upside
• ❤️‍🩹 Health first: Comprehensive health insurance with Alan
• 🍕 Meal vouchers with a Swile Card
• 💪 Sport subscription to have preferential prices to go to the gym, with Gymlib
• 📚 A place to learn and grow: Unlimited access to books and online courses to help you excel in your role
• 💻 Tech perks: Get the latest tech gear, including Apple (or not) equipment and ultra-wide screen, to do your best work
• 🎁 Open Source: Free time to work on cool Open Source Projects.
• 🌎 Global exposure: Present groundbreaking research at top international conferences, like APIDays (Paris, London, New York), BSides (Las Vegas, San Francisco, etc.) and RSAC (San Francisco), BlackHat and DEFCON (Las Vegas), etc.