Golang Staff Engineer

About us
We build a custody platform for regulated institutions: policy-driven transaction signing, MPC/TEE-based signers, audit-grade eventing, and multi-tenant infrastructure with strict security boundaries. This is a systems role: high-load SaaS backend, correctness-first workflows, hard security constraints, and clear operational ownership (SLOs, observability, on-call maturity).

We’re looking for a Staff Engineer who can design and ship critical platform components in Go, raise the engineering bar, and reliably deliver under real-world constraints (latency, throughput, failures, attacks, audits).

What you’ll do

• Own core backend architecture: lead design for critical services (policy engine, signing orchestration, key lifecycle workflows, custody wallets/accounts, approvals, audit trails).
• Build high-load SaaS systems: multi-tenant isolation, quotas, rate limits, backpressure, concurrency control, and predictable latency under spikes.
• Distributed systems & reliability: idempotency, retries, outbox/inbox patterns, event-driven workflows, saga/state machines, and graceful degradation.
• Security-by-design: least privilege, secret handling, secure service-to-service auth (mTLS/JWT), tamper-evident logs, and audit-ready data models.
• Performance engineering: profiling, load testing, benchmarking, contention analysis, memory/GC tuning, and optimization of hot paths.
• Data & consistency: strong modeling in Postgres (or equivalent), migrations, indexing strategy, partitioning where needed, and clear consistency boundaries.
• Developer productivity & standards: set patterns for Go services, testing strategy, code review quality, and shared libraries; mentor senior engineers.
• Cursor-first workflow: use Cursor for acceleration (refactors, code generation, tests, docs), with disciplined verification, security review, and deterministic outcomes.

Must-have experience

• 8+ years backend engineering, including significant Go (or deep expertise in another systems language + strong Go in recent projects).
• Strong CS fundamentals: concurrency, synchronization, networking, distributed systems, data structures, algorithms, OS basics.
• Proven track record designing high-load, production SaaS (multi-tenant, high availability, incident response, SLOs).
• Hands-on experience with microservices and modern backend stacks: gRPC/HTTP, queues/streams, caching, databases.
• Strong testing discipline: unit/integration/contract tests, testability-first design, deterministic CI.
• Strong observability habits: structured logging, metrics, tracing, debugging production issues end-to-end.
• REQUIRED: regular use of Cursor (or comparable AI coding tool) to speed delivery, with rigorous review, security awareness, and verification.

Nice to have

• Custody / wallets / signing systems exposure (MPC, HSM, TEE, key management, policy/approvals). Experience with event streaming (Kafka/NATS/PubSub), exactly-once-ish patterns, replay, and audit/event sourcing concepts.
• Kubernetes + service mesh familiarity; production operations and reliability engineering practices.
• Regulated environment experience (fintech, security audits, compliance-driven engineering).
• Threat modeling and security review participation (abuse cases, attack surfaces, secure defaults).

Soft skills

• Ownership mindset: you ship, you measure, you improve.
• Clear written communication: designs, RFCs, incident write-ups, trade-offs.
• Pragmatic leadership: raises the bar without blocking progress.
• Mentorship: helps others become faster, safer, and more independent.
• Comfortable working in ambiguity and aligning tech decisions with product and risk.

What this role is NOT

• Pure feature “ticket execution” without architectural ownership.
• Full-stack work.
• Research-only cryptography role (you’ll collaborate with cryptography specialists, but your focus is platform engineering).