Software development is moving through its biggest shift ever — from human-written code, to AI-assisted development, to fully agentic systems where AI writes, tests, and deploys code autonomously. At every stage, enterprises face the same three problems: developers and agents need to learn to build securely, someone needs to govern what AI can and can’t touch in the codebase, and when something goes wrong, you need to know which AI did what, where, and for whom.
Secure Code Warrior is building the control plane for secure AI software development. We are defining the AI Software Governance category — and this role exists to ensure the technical foundations of that category are sound, forward-looking, and defensible.
As our first Distinguished Engineer and founding R&D Lead, your mandate is broad and deliberate: tackle the hardest unsolved problems on our roadmap, generate the technical intelligence that keeps us ahead of the market, and build the prototypes that prove — or disprove — the ideas that will define our next generation of product.
You own three things. How you balance your time across them will shift as the landscape evolves and as you develop your own view of where the highest-leverage opportunities lie.
The roadmap contains technical challenges that can’t be solved by delivery teams working in two-week sprints. These are ambiguous, cross-cutting problems that require structured discovery before anyone can commit to building them. You lead time-boxed R&D cycles to produce prototypes and clear recommendations: build, explore further, or stop.
Current challenges in this space include areas like unified risk modelling, signals for MCP and other services, and AI code detection accuracy, but you will shape this backlog in collaboration with the rest of the teams, not merely execute it.
This is genuinely forward-looking work. As developer workflows move toward fully agentic development, new technical questions are emerging that the industry hasn’t answered yet. How do you convert human security expertise into formats that AI coding agents consume natively? How do you govern an autonomous agent that writes, tests, and deploys code? What does code provenance mean when five agents contribute to a single commit? How should enterprise security intelligence integrate with the MCP ecosystem?
SCW holds thousands of vulnerability patterns and secure coding challenges across dozens of languages — the raw material for a new class of agent-consumable security intelligence. You own the technical discovery of how to deliver that intelligence, working in close partnership with our content and security domain experts.
The agent governance space is whitespace. The competitive window is narrow. Your job is to explore it faster and more rigorously than anyone else in the market.
The control plane roadmap is sequenced against a model of developer AI adoption, but the market moves fast enough that the model can become stale. You provide the structured intelligence that keeps the product organization pointed at where developers are heading, not where they were six months ago.
This means tracking real-world developer workflows, monitoring competitive dynamics, scanning emerging technology and academic research, and synthesizing it into regular outputs that directly inform product and content strategy. You will publish a monthly Developer Workflow Pulse and a quarterly Landscape Brief — these become core inputs to roadmap decisions and, over time, raw material for SCW’s external thought leadership.
Your primary vehicle for structured discovery is the Frontier Pod — a temporary, cross-functional team formed around a single named problem for a six-week cycle. You convene the pod, define the problem brief, draw in the right expertise from across product domains, and present findings at the end of each cycle with a clear recommendation.
This model gives you access to the right people for each problem — security domain experts, product analytics, engineers who understand specific signal pipelines — without maintaining a fixed team that would lack the right expertise for most problems. The pod dissolves at the end of the cycle; follow-on work is either stopped, extended, or transferred to a delivery domain for production build.
This role can be based remotely, with a preference for timezone overlap with our APAC engineering team (Sydney), where the AI Governance and Risk Intelligence domains — the primary consumers of R&D output — are based. Periodic travel to Sydney for Frontier Pod kickoffs and leadership alignment is expected.
You report to the VP of Engineering, with priorities set jointly with the CPTO. You have a direct line to the CPTO for your recommendations.
For a company defining the AI Software Governance category, the R&D function must be connected to the external research community. You attend major industry conferences, follow academic research on AI safety and secure code generation, and contribute to SCW’s thought leadership by publishing benchmarks, frameworks, and research that build category credibility and attract talent.
This is a founding role, not a permanent solo act. If the strategic prototyping backlog stays deep and the agent governance work shows the promise we expect, a second R&D engineer is budgeted for 2027. You are hiring your future team and shaping what the R&D function becomes.
Distinguished or Principal-level Maker: You are a seasoned engineer with 10+ years of experience and a track record of solving ambiguous, “blank page” architectural problems where the problem definition is part of the work.
Polyglot Prototyper: You possess a strong foundation in computer science with the ability to prototype rapidly in our tech stacks.
AI/LLM Specialist: You have deep practical knowledge of AI/LLM systems, agent frameworks, the MCP ecosystem, and the current state of AI coding tools and agentic development workflows.
Genuine curiosity about how developers work: you follow the evolving landscape of developer tools, IDE paradigms, and AI-assisted workflows because it interests you, not because someone asked.
Analytical Researcher: You translate complex technical findings into actionable strategic intelligence for leadership, product, and content teams. Your written output shapes decisions
Versatile and autonomous: You are comfortable operating across technical prototyping, market intelligence, and external engagement. This role requires range, not just depth.
You thrive in ambiguity. You define what to explore, not just how to build what’s been specified
You are a maker first — you prototype to learn, ship to validate, and communicate through working software
You operate with autonomy and sound judgement. You know when to go deep on a problem and when to call it and move on
You are a role model for the Warrior Code and Engineering Culture Code — collaborative, pragmatic, and a safe pair of hands even when operating in highly experimental territory
Background in developer tooling, observability, platform engineering, or application security tooling
Published work or demonstrated thought leadership in AI safety, secure code generation, agent governance, or related fields
Experience building or contributing to open-source developer tools or security frameworks
Existing network in the AI engineering or application security research communities
Kamayi
Enlyte
Zelus Analytics
CEO Life Corp
Delphic
Secure Code Warrior
Secure Code Warrior