Summary:

You'll own the full backend and frontend of Helios -the API, the database, the M365 and Google Workspace integrations, the deployment pipeline, and everything that keeps a production AI security platform running reliably for enterprise customers.

What you'll own:

• FastAPI backend powering all Helios API surfaces: threats, quarantine, policies, compliance, message trace, people, admin, and onboarding

• M365 Graph API and Google Workspace (DWD) integration layers: delta sync, baseline ingestion, OAuth token refresh, and physical quarantine moves

• Next.js App Router frontend: threat feed, quarantine UI, compliance dashboard, admin portal, reporting, and real-time event panels

• PostgreSQL schema, migrations, and query performance, including multi-tenant org isolation across every table

• CI/CD pipeline via CodeBuild or GitHub Actions, replacing the current manual ECS deploy flow

• Stripe billing integration, subscription, and usage metering model

• SIEM export connectors for Microsoft Sentinel and Splunk, plus automated remediation playbook infrastructure

• Security hardening across JWT secret management, credential vaulting, and cross-tenant data access auditing

• ECS operational reliability: Redis hygiene, CloudFront cache invalidation, and ALB configuration

  
  

Summary:

You'll own the intelligence layer of Helios end to end -the agentic detection pipeline, the auto-triage engine, the LLM orchestration, the sender reputation graph, and the Arabic NLP and DLP systems that make Helios reason about threats rather than just classify them.

What you'll own:

• The agentic pipeline: Content Classifier, Sender Reputation Agent, and Risk Orchestrator, including decision logic for when to invoke cloud-based LLM versus run locally

• Content classification model tuned for phishing, BEC, malware, credential harvesting, account takeover, and spam with Gulf-specific and Arabic language coverage

• Auto-triage service (Helios Analysis): the per-org background loop that runs VirusTotal lookups, threat feed checks, Neo4j graph queries, and attachment heuristics, then submits a full dossier to Claude for a structured verdict

• All LLM prompts and system prompts: structured JSON output, reasoning quality, and token cost optimization

• DLP and data classification engine detecting IBAN numbers, passport data, PII, and product IP in outbound email flows aligned to SAMA, NCA ECC, and PDPL

• Neo4j sender reputation graph: sender-recipient history, domain spread detection, lateral movement signals, and threat clustering

• Composite risk scoring model: content, auth, graph, reputation, and urgency scores with continuous calibration against false positive feedback

• Feedback loop pipeline where analyst false positive reports and quarantine decisions feed back into model training

• Arabic NLP pipeline with Gulf dialect awareness, transliteration handling, and manipulation pattern detection

Summary:

You'll design and own the testing infrastructure for an autonomous AI security platform that makes real-time decisions on live enterprise email -building the evaluation frameworks, pipeline quality tests, and CI/CD quality gates that give the team confidence to ship.

What you'll own:

• Design and own the end-to-end test architecture for Helios: unit, integration, API contract, E2E, and AI pipeline quality testing

• Automated test suite for all backend API surfaces via pytest, covering the threat detection pipeline, quarantine service, policy engine, compliance worker, onboarding flows, and admin endpoints

• AI pipeline evaluation framework: building canonical labeled threat datasets across phishing, BEC, malware, credential harvesting, spam, and clean email, then running precision and recall benchmarks against every pipeline change

• Threat injection framework: the production-readiness test harness that fires canonical threat scenarios through the full pipeline and validates auto-triage outcomes within defined SLA windows

• E2E test coverage for the Next.js frontend via Playwright or Cypress, covering critical user journeys: threat triage, quarantine release, compliance export, M365 and Google Workspace onboarding, and policy configuration

• Quality gates in the CI/CD pipeline: no merge without coverage thresholds, no deploy without a smoke test pass

• Regression test suites that catch changes in AI scoring behavior when prompts, thresholds, or model versions change

• Load and performance test strategy validating that the threat detection pipeline holds sub-800ms p99 latency under realistic email volume

• Quality documentation: test plans, coverage reports, flaky test tracking, and QA runbooks for production incidents

Summary:

You'll be the first technical point of contact for Himaya's enterprise customers -helping them onboard, diagnosing integration issues, interpreting AI threat verdicts, and making sure the platform is working exactly as it should in their environment.

What you'll own:

• The customer support queue: triaging, investigating, and resolving technical issues across Helios onboarding, integrations, threat detection, quarantine, policies, compliance, and billing

• Guiding customers through M365 Graph API connector setup, Google Workspace Domain-Wide Delegation configuration, and OAuth token troubleshooting

• Diagnosing and resolving delta sync issues: investigating last_sync_at gaps, baseline ingestion failures, mailbox connector errors, and M365 token expiry

• Helping customers interpret AI threat verdicts: explaining why an email was quarantined, what the risk score components mean, and how to tune thresholds and policies to reduce false positives

• Investigating and escalating production issues: reading ECS logs via CloudWatch, tracing threat records in PostgreSQL, identifying Redis or queue issues, and writing clear reproduction steps for engineering

• Customer-facing documentation: onboarding guides, integration setup walkthroughs, policy configuration playbooks, FAQ articles, and compliance report interpretation guides

• Technical onboarding calls with new customers: walking security teams through the Helios dashboard, auto-triage configuration, VIP protection setup, and compliance control status

• Tracking and reporting recurring support patterns to identify platform gaps and onboarding friction for the product team

• Supporting GCC regulatory compliance inquiries: helping customers understand how Helios maps to SAMA, NCA ECC, and PDPL requirements