Principal Engineer & CMS Platform Lead 

Location: [Remote / Europe / Israel/ Cyprus] 

Technology: TypeScript, Node.js, Next.js, CMS (Open-Source), AI Localization. 

About Kape Technologies 

Kape (LSE: KAPE, privatized 2023) is a global leader in the "Privacy-First" digital security era. We are the powerhouse behind the world’s most trusted consumer privacy brands. 

With over 7 million paying subscribers and a global team of 1,000+ experts across 10 locations, our mission is to provide complete digital autonomy. We believe that a free and open internet starts with state-of-the-art technology. As we scale toward the next 10 million users, we are consolidating our web infrastructure into a unified, next-generation content platform that matches the world-class engineering of our core VPN products. 

The Challenge 

You will lead the engineering squad responsible for retiring our legacy WordPress instances across brands. You aren't just building a website; you are building a Content Operating System powered by an open-source headless CMS at its core. This platform must support high-velocity PPC landing pages, complex multi-language blogs, and technical support hubs—all while maintaining the extreme performance and security standards expected of global privacy leaders. 

A key part of this role is evaluating and adopting an open-source CMS solution (such as Strapi, Payload CMS, Directus, or KeystoneJS) as the foundation of the new platform. You will assess these solutions against our requirements for extensibility, multi-tenancy, and API-first content delivery, and lead the customization and integration effort to make the chosen platform fit our multi-brand ecosystem. 

Key Responsibilities 

• Open-Source CMS Selection & Integration: Evaluate and lead the adoption of an open-source headless CMS (e.g., Strapi, Payload CMS, Directus, KeystoneJS) as the content backbone. Define selection criteria around extensibility, plugin ecosystem, multi-tenancy support, role-based access, and API performance. Own the customization roadmap to tailor the chosen solution to our multi-brand needs.
• Unified Architecture: Design a multi-brand, component-based headless system built on the selected open-source CMS. You will architect the "Core Engine" that allows all three brands to share high-performance components while maintaining unique visual identities. 
• Inheritance & Customization: Solve the "Parent-Child" challenge. Build a system where a global campaign (Parent) can be instantly deployed across dozens of regional versions (Children) with localized overrides and inherited SEO logic. 
• Infrastructure & Security Governance: Partner with DevOps to define the global delivery strategy. You will oversee requirements for Edge Computing (ISR/Edge Functions), WAF, and multi-layered caching (Redis/CDN) to ensure sub-second LCP (Largest Contentful Paint) globally. 
• AI-Powered Localization: Architect a native-feeling translation pipeline. Integrate LLMs to handle context-aware translations and build an AI "Quality Gate" that automatically checks pages for SEO health and UI regressions before they go live. 
• Visual Editor Implementation: Bridge the gap between engineering and marketing by leveraging the chosen open-source CMS's admin panel and extending it with a high-performance visual editing experience that doesn't bloat the frontend code. 

Technical Requirements (Hard Skills) 

• Next.js & React Mastery: Expert-level experience with the App Router, Server Components, and performance optimization for massive traffic (millions of monthly uniques). 
• Node.js/TypeScript Ecosystem: Deep experience building robust, type-safe APIs and microservices. Hands-on experience with open-source headless CMS platforms (Strapi, Payload CMS, Directus, or similar) is a strong advantage. 
• Multi-layered Caching: Professional-grade understanding of browser, server-side, and edge caching strategies. 
• Infrastructure Fluency: Ability to set precise tasks for DevOps and verify the integrity of deployments, proxying, and firewalling. 
• Technical SEO: Deep knowledge of how headless architectures impact crawlability, schema, and dynamic sitemaps. 

Why Join Kape? 

This is a rare opportunity to own the web platform for one of the biggest names in cybersecurity. You will have the budget and the mandate to move away from legacy debt and build a "Golden Path" for web development using the best of the JavaScript and open-source ecosystem—starting with a best-in-class headless CMS as the foundation.

About the job

The world’s most critical--and at risk--business applications have been neglected for far too long. Onapsis eliminates this blind spot by providing cybersecurity solutions dedicated to business-critical applications. Whether running on premises, in the cloud, or in a hybrid environment, Onapsis helps nearly 30% of the Forbes Global 100 understand the threats and risks across their SAP and Oracle landscapes.

We are seeking a Senior Data Engineer to join our mission-driven team. This role is ideal for experienced data engineers with a proven track record in architecting scalable data pipelines, leveraging cloud technologies, and contributing to high-impact cybersecurity solutions. You will be responsible for building high-performance ETL frameworks, optimizing data platforms, and contributing directly to the enhancement of our customers' threat detection, response, and remediation capabilities.

What you will be doing, your legacy: 

You will be working directly with company Principal Engineers evaluating, scoping, proposing, and building features to fulfill business solution requirements to protect our customers. You will play a direct role in laying the technical foundation for a new product offering. Additionally, you will be working with Engineering and DevOps to deliver high-quality products and services while also working closely with security and IT professionals to ensure safe and secure best practices are followed. 

Responsibilities:

• Architect and Design Scalable Data Solutions: Design/develop/maintain Data lakehouse solutions (Iceberg/Delta Lake /Hudi) applying industry best practices and structuring / optimizing the data according to data access patterns.
• Data Pipeline Development: Implement ETL/ELT pipelines using cloud technologies (Spark / pySpark / Glue, Kinesis Streams / Iceberg) to load the data into a Lakehouse for both efficient ML processing and UI reporting.
• Implement data models and data processing frameworks (Spark, Kafka, Snowflake) to ingest, transform, and load large datasets into Data Lakehouse techs (Apache Iceberg, Apache Delta Lake or Apache Hudi), ensuring high availability and reliability of data.
• Advanced Data Integration: Develop solutions that integrate multiple data sources into Snowflake or similar data warehouses to enable real-time analytics and reporting across dashboards.
• AI/ML Integration: Collaborate with cross-functional teams to co-develop AI-driven features identifying patterns and anomalies in client data using AI/ML technologies (python).
• Compliance and Security: Ensure compliance with industry standards and secure best practices (SOX, SOC 1/2), by implementing data governance frameworks, monitoring data pipelines, and optimizing cloud database architectures to protect sensitive information.
• Stakeholder Collaboration: Work closely with stakeholders, including analysts, engineers, and product managers, to understand their data needs, propose solutions, and drive data-driven decision-making by delivering actionable insights.
• Data Infrastructure Monitoring: Continuously monitor, troubleshoot, and enhance data pipelines, leveraging CI/CD tools (Docker, Jenkins, GitHub Actions) and orchestrating workflows using Apache Airflow to maintain operational efficiency.
• Leadership and Mentorship: Provide hands-on mentorship and technical guidance to junior engineers, including code reviews and architecture discussions.
• Documentation and Governance: Establish comprehensive documentation for data architecture, governance, and processes to ensure scalability, compliance, and security.

Qualifications:

• 5+ years of proven experience as a Data Engineer or in a similar role with a deep understanding of data architecture and cloud-based ETL/ELT frameworks.
• Strong experience with AWS (preferably) or Azure , particularly with Glue, EMR, S3, Lambda. Databricks, Snowflake, Synapse experience is a bonus.
• Proficiency in big data technologies such as Apache Spark, Kafka, Hadoop, and Databricks for distributed data processing.
• Proficiency with Python libraries for data processing and ML (e.g., Pandas, NumPy, Polars, Scikit-learn, PyTorch, TensorFlow).
• Hands-on experience in building real-time data processing and AI/ML-driven analytics solutions (SageMaker, Bedrock, NLP, Power BI).
• Ability to architect and manage data lakehouse solutions (Iceberg / Delta Lake / Hudi) or classic warehouse solutions (Redshift, Snowflake).
• Familiarity with compliance and audit requirements (SOX, SOC 1/2, GDPR) and implementing data governance and security frameworks.
• Strong problem-solving skills with a focus on data integrity, scalability, and performance optimization.
• Experience with CI/CD tools (Jenkins, GitHub Actions, Docker) and data orchestration platforms (Apache Airflow).

Preferred Qualifications:

• Experience with advanced data architecture principles (medallion architecture, materialized views, task scheduling).
• Experience using BI tools (e.g., Power BI, Tableau) for real-time analytics and operational reporting

What we offer: 

• A role in shaping the future of protecting the most critical applications that run the world's business and a career that grows as the company grows.
• A unique culture of high achievement and teamwork.
• Supportive and humble colleagues are the space's top problem solvers and innovators.
• Financial security through competitive compensation and incentives.

Location: Onapsis is established a new development center in Bucharest. This is a hybrid role (1-2 days per week from the office), so candidates must be commutable to Bucharest every week.

About Onapsis:

Onapsis protects the business applications that run the global economy. The Onapsis Platform delivers vulnerability management, change assurance, and continuous compliance for business applications from leading vendors such as SAP, Oracle, and others. The Onapsis Platform is powered by the Onapsis Research Labs, the team responsible for the discovery and mitigation of more than 1,000 zero-day vulnerabilities in business applications.

Onapsis is headquartered in Boston, MA, with egional offices in Heidelberg, Germany; Buenos Aires, Argentina; Texas, USA, and now in Bucharest, Romania; and proudly serves hundreds of the world’s leading brands, including close to 30% of the Forbes Global 100, six of the top 10 automotive companies, five of the top 10 chemical companies, four of the top 10 technology companies, and three of the top 10 oil and gas companies. 

For more information, connect with Onapsis on LinkedIn or visit https://www.onapsis.com.

#LI-AC1

#LI-Hybrid