QSafe is the first place organisations turn to understand and neutralise their quantum risk. Our post-quantum readiness platform discovers every cryptographic asset across an organisation's estate — TLS endpoints, SSH configurations, certificates, and application-level encryption — and assembles it into a complete Cryptographic Bill of Materials (CBOM). We score quantum risk across every asset and environment in real time, giving security teams a single, evidence-based view of what will break when quantum computers arrive, and what to fix first. Backed by Innovate UK's CyberASAP programme, QSafe turns a problem most organisations can't even see into a prioritised, actionable migration plan.
QSafe is the migration layer for the post-quantum era. We convert cryptographic discovery into outcomes — prioritised remediation, compliance-ready evidence, and migration roadmaps aligned to the NIST post-quantum standards (ML-KEM, ML-DSA) and NCSC guidance. Our platform combines automated scanning, a weighted quantum risk assessment engine, and hybrid post-quantum encryption pipelines to help banks, fintechs, and critical-infrastructure organisations move to quantum-safe cryptography before the deadline — not after the breach.
We're hiring a Full-Stack Developer to help build the QSafe platform — the product at the centre of everything we do, spanning cryptographic discovery, CBOM generation, quantum risk scoring, and migration guidance for security teams.
Every organisation on earth runs on cryptography that quantum computers will eventually break — and adversaries are already harvesting encrypted data today to decrypt it later. Yet most teams can't answer basic questions: What cryptography are we actually running? Where is it? What breaks first? How do we migrate without taking down production? QSafe has an answer to these questions. This role is a chance to build the product defining a brand-new category — cryptographic discovery and post-quantum migration — backed by real customer problems, strong research foundations, and a genuine head start on a market that regulators are now forcing into existence.
You'll work directly with the founders and our cryptography research lead, owning features end to end — from FastAPI services and PostgreSQL data models to the React dashboards our customers use to understand their risk. You'll ship quickly, run what you build, and shape the architecture of the platform as it scales.
What Success Will Look Like
- Own platform features end to end: design, build, and ship FastAPI services and React interfaces that turn complex cryptographic data into clear, actionable views for security teams — from concept to production to iteration.
- Build the engine room: extend the scanning, CBOM generation, and quantum risk scoring pipelines, modelling PostgreSQL schemas and Redis caching that handle scan results and asset inventories at scale.
- Run production with confidence: deploy and operate services on Linux with Docker, Nginx, and GitLab CI/CD — you build it, you run it, and you make it observable.
- Harden everything you touch: we're a security company; secure coding, TLS done properly, and careful handling of customer data are table stakes, not afterthoughts.
- Drive execution: trace issues across the full stack, fix root causes rather than symptoms, prioritise ruthlessly, and keep shipping.
Who You Are and What You've Done
- You have 3–5 years of professional full-stack experience with production systems you've genuinely owned — not just contributed to.
- You write strong, clean Python and have built and versioned real-world APIs with FastAPI or a comparable async framework.
- You're solid in React — component architecture, state management, and an eye for interfaces people actually enjoy using.
- You're confident with PostgreSQL and Redis — schema design, query performance, and caching strategy come naturally to you.
- You're at home on Linux servers — Docker, Nginx, and CI/CD pipelines are part of your daily toolkit.
- You have a debugger's mindset — you enjoy the hunt, read logs and stack traces carefully, and write the fix plus the test that proves it.
- You thrive in startup ambiguity — you communicate clearly in a remote team and would rather ship and iterate than wait for perfect specs.
- Bonus: exposure to applied cryptography (TLS internals, certificates, SSH, key management) or genuine curiosity about post-quantum cryptography — Kyber/ML-KEM, Dilithium/ML-DSA, and the NIST PQC standards.
Our Tech Stack
This is a full-time, fully remote position based in India. Compensation is competitive and determined by several factors, including your qualifications, professional background, and relevant experience.
Apply for this job
We keep it simple — no lengthy forms. Email us the three things below and we'll get back to you within a week.
- Your GitHub profile or portfolio — anything that shows how you build.
- A short note about a challenging bug or technical problem you've solved — what it was, how you tracked it down, and what you learned. This matters more to us than a cover letter.
- Your availability and notice period.
careers@qsafe.digital · Subject: "Application — Full-Stack Developer"
To learn more about how QSafe helps organisations prepare for the post-quantum era, visit qsafe.digital.
QSafe is an equal-opportunity employer. We evaluate applications on skills and potential, and we welcome candidates from all backgrounds. If you don't tick every box but the problem space excites you, we'd still like to hear from you.