Careers
Help teams practice for their worst day
We're making professional cybersecurity exercises accessible to every organization, not just the ones with six-figure consulting budgets. Small team, Rotterdam, an AI-native product in a market NIS2 just made mandatory.
Four seats open at poisettx. External applicants strongly encouraged. Yes, that's you.
Finally. I've been playing four roles at once. Who's taking the DevOps seat?
Open positions
All roles are full-time, hybrid from Rotterdam, and list the salary range up front, as it should be.
Engineering
DevOps / Platform Engineer
Live exercises depend on minute-level scheduling, background AI jobs, and realtime channels that simply cannot hiccup mid-incident. You own the platform that keeps all of that fast and boringly reliable.
Role details
What you'll do
- Own our production infrastructure end-to-end: Vercel (fluid compute, crons), Supabase (Postgres, Realtime, Storage), and Stripe webhooks
- Build the observability we grow into: alerting on inject dispatch, background generation jobs, and session health
- Harden the database lifecycle: migrations, backups, restore drills, and disaster-recovery runbooks
- Keep CI/CD sharp: preview environments, safe rollouts, fast feedback on every PR
- Put cost guardrails on LLM usage and infrastructure as we scale
What you bring
- 4+ years in DevOps, platform, or SRE roles running production systems
- Hands-on experience with serverless platforms (Vercel, AWS Lambda, or similar) and their failure modes
- Solid Postgres operations, because we run our whole world on it
- CI/CD craftsmanship (we use GitHub Actions) and an automate-it-first reflex
- A pragmatic security mindset; EU data-residency or compliance experience is a plus
Apply with your CV or LinkedIn profile and a few lines on why this role, to info@poisettx.com. A motivation letter is optional; specifics beat length.
Engineering
Security Engineer
We sell cyber readiness, so our own security has to be exemplary. As our first dedicated security hire you own product security across the stack, and your fingerprints end up in the product itself: our exercises are only as good as their technical realism.
Role details
What you'll do
- Own the product security model: authorization reviews, Postgres row-level security, threat modeling for every new feature
- Run vulnerability management and coordinate external pentests end-to-end
- Drive our certification roadmap (ISO 27001, SOC 2) from evidence collection to audit
- Write and drill our own incident response playbooks. Yes, we run our own tabletop exercises on them
- Lend technical depth to exercise scenarios and enterprise security questionnaires
What you bring
- 4+ years in security engineering or application security
- The ability to review real code (TypeScript, SQL) and real architectures, not just checklists
- Deep familiarity with authentication and authorization patterns: RLS, OAuth, session security
- Working knowledge of NIS2, ISO 27001, or SOC 2 from the implementation side
- The self-direction to be a first security hire; blue-team or IR background is a plus
Apply with your CV or LinkedIn profile and a few lines on why this role, to info@poisettx.com. A motivation letter is optional; specifics beat length.
Engineering
AI Engineer
You own the engine that makes an exercise feel alive: a multi-agent war room where AI teammates act in character, and adaptive injects written live as the team responds. This is production LLM engineering: reliability and evals, not demos.
Role details
What you'll do
- Design and tune the agent orchestration: turn-taking, shared situation state, tool use, anti-loop behavior
- Evolve adaptive injects: just-in-time generation with strict validation and fallbacks that can never stall a live exercise
- Build the eval pipelines that let us change prompts and swap models with confidence
- Optimize the latency/cost/quality triangle across model tiers
- Ship your work end-to-end in a Next.js/TypeScript codebase. You own features, not handoffs
What you bring
- Strong TypeScript/full-stack skills plus real production LLM experience
- Prompt-engineering discipline backed by evals, not vibes
- A feel for reliability patterns around non-deterministic systems: validation, fallbacks, idempotency
- A product mindset: you care what the participant experiences, not just what the model outputs
- Interest in the security domain; experience with the Claude API is a plus
Apply with your CV or LinkedIn profile and a few lines on why this role, to info@poisettx.com. A motivation letter is optional; specifics beat length.
Commercial
Business Development Manager
NIS2 obliges tens of thousands of European organizations to structurally train their incident response, and most of them dread the cost and logistics of doing it the old way. You build the pipeline that brings them to a better answer.
Role details
What you'll do
- Build and own the Benelux pipeline: outbound to CISOs and security leads, and fast follow-up on inbound and trials
- Run demos and pilots together with the founders, and carry deals from first call to signature
- Develop partnerships with MSSPs, cyber insurers, and consultancies who deliver exercises to their own clients
- Turn every lost and won deal into sharp product feedback
- Shape the repeatable sales playbook we scale with
What you bring
- 3+ years in B2B SaaS sales or business development, ideally in security or compliance
- Consultative selling skills across technical and executive buyers
- Fluent Dutch and English
- Comfort with early-stage ambiguity: you create structure rather than wait for it
- A network in the Dutch security or NIS2 advisory world is a strong plus
Apply with your CV or LinkedIn profile and a few lines on why this role, to info@poisettx.com. A motivation letter is optional; specifics beat length.
The practical stuff
Joining early means outsized ownership: you shape the product, the codebase, and the culture. The rest shouldn't need selling, just stating.
- Salary ranges published up front, because negotiation shouldn't be a stealth skill
- Hybrid: two days together in Rotterdam, the rest wherever you focus best (NL)
- Stock appreciation rights for every early hire
- €1,500 learning budget a year, plus a conference of your choice
- Top-spec laptop and the peripherals you actually want, from day one
- 25 vacation days and a solid pension arrangement
- Small team, no layers: what you build ships to customers the same week
- Evenings and weekends are yours. We sell preparedness, not burnout
How we hire
Two to three weeks end-to-end, on a timeline we actually keep.
- T+0
You apply
CV or LinkedIn plus a few lines on why this role. Specifics beat length; a motivation letter is optional. We reply within five business days.
- T+1w
Intro call
30 minutes with a founder. We tell you honestly where we are; you tell us what you're looking for. Fit works both ways.
- T+2w
Deep-dive interview
Role-specific and practical: real problems from our roadmap, not brainteasers or whiteboard trivia.
- T+3w
Working session
Half a day with the team on a realistic case, for engineers usually inside the product. You see exactly how we work.
- +48h
Offer
If it's a yes on both sides, you have a written offer within 48 hours. References checked, no drawn-out silence.
Don't see your role?
If you're excellent at something we'll need, and you can make the case for why now, we want to hear from you anyway. Tell us what you'd own in your first six months.
info@poisettx.com