Lead Security Developer
Arctic Wolf
Arctic Wolf, with its unicorn valuation, is the leader in security operations in an exciting and fast-growing industry—cybersecurity. We have won countless awards for our excellence in security operations and remain dedicated to providing an industry-leading customer and employee experience.
Our mission is simple: End Cyber Risk. We’re looking for a Lead Security Developer to be part of making that happen.
About the Role
A Lead Security Developer is both a cybersecurity expert and an experienced detections developer for endpoint, network or cloud. They research and curate alerts and reports for their surface area. They look at new and emerging threats to identify the investments we should be making to improve our threat detection capabilities. They have a strong security engineering and software development background that has a track record of developing high quality vulnerability and security posture management/analysis tooling and content for network, endpoint, and cloud. This role works with team members, Product Management, Security Services and various other specialists to continuously improve the coverage and efficiency of our Managed Risk solution.
A Lead Security Developer is responsible for providing the team technical direction to deliver high value detection capabilities. The Lead Security Developer will provide technical and security guidance and direction to their team through the entire development lifecycle. They will also provide guidance on best practices for performing research and developing detections.
Responsibilities Include:
Serve as a technical leader in our area of development
Work across teams on cross-organizational initiatives
Work closely with technical leadership across the Security Products team and the company to drive and deliver on longer term outcomes as well as immediate threats
Propose coverage and efficacy improvements to the detection surface
Work with team members to develop novel detections and continuously tune existing ones
Participate in the full software development life cycle
Build well-designed, testable, efficient and secure code
Integrate software components into a fully functional software system.
Document and maintain software functionality.
Provide expert advice in resolving customer support tickets.
Write runbooks, reports, and supporting material for detection surface
Document research findings and knowledge share with team and other departments
Troubleshoot, educate, and share information with non-technical people
Contribute to the growth and mentorship of other team members
Work with team members to continuously improve coverage, efficiency and deliver customer-facing and internal services
Produce specifications and determine operational feasibility
Deliver and describe design considerations by leveraging strong verbal and written skills
Develop and implement a strong testing and validation regime that other team members can easily follow and implement
We value a culture of sharing, so every team can share their work with the entire department during our monthly R&D Demos. Once a year we hold a department-wide Hackathon, teaming up across all R&D teams over four days to collaborate and build cool ideas outside the normal project scope. Innovation is the focus, and some of these ideas do make it into our products.
About You :
We use and train a variety of technologies in Managed Risk. As a Lead Developer you bring a diverse knowledge base that you use to help the team solve complex technical and security problems.
Skills Requirements:
Required - 2+ years of experience as a Lead Developer.
Required - 8+ years' experience with the following Development Languages:
Must Have: Go, Python
Bonus: Java, Node.js, C/C++
Experience with:
Test Driven Development
Full understanding and use of DevOps methods/tooling
Full understanding/application of secure development practices
Cloud Development: AWS, Azure, and GCP using
Kubernetes/Containers, IaaS, and key PaaS services
Agile (SCRUM/Kanban)
Infrastructure as Code Methodologies and Development (I.e., Salt Stack, Terraform, Ansible, cloud orchestration platform equivalents a plus)
We are looking for someone who has 8+ years' experience in the development of security products/systems with a focus on 2 or more of the following key areas:
Classic Endpoint Vulnerability and Config Management:
Host based vulnerability detection
Network based vulnerability scan and NVT development
CIS Benchmark implementation
Detailed knowledge in the inner workings of vulnerability scanners such as Qualys, Rapid7, Tenable, etc.Experience with identifying product and market changes and needed analysis/detection coverage changes in your existing sources
Cloud Config and Posture Management:
Dev of security policy in Cloud Service Providers (I.e Azure Policy, AWS Sec Hub)
Pipeline Hardening Checks
Rule Development – will consider experience in rule/ signature development such as:
NDR/IPS/IDS detections/signatures
Snort
EDR (Endpoint Detection and Response) detections/signatures
Sigma and Yara rules
Development of anomaly and behavioral based detections
Regular expressions
Experience with one or more of the following security tooling is highly regarded and will be considered:
3rd Party Vulnerability Management Platforms:
Qualys
Nessus
Tanium
Cloud based configuration and Security Posture Management tools:
Azure Security Centre, AWS Security Hub
Sonrai
Cloudsploit
Divvy Cloud
Open Source Platforms:
Nmap
OpenVAS
OpenSCAP
Burp
Metasploit
You can perform programming tasks and large engineering projects with independence and expertise. You will be responsible for guiding and mentoring other staff members and will regularly lead technical projects. You have a high level of mastery over software development best practices and building reusable design patterns.
You have a history of delivering successful projects, as well as some lessons learned from failures. Even if you haven’t worked with all our specific technologies, you bring a diverse knowledge base that you use to help the team solve complex technical problems. You’ll receive all the security training you need during our onboarding process and through additional training on the job.
Interview Process
The interview process is approximately as follows:
Phone pre-screening: A recruiter contacts you to briefly discuss your work history and provide an overview of Arctic Wolf. Approximately 30 minutes.
Technical assessment: A recruiter sends you a link to a straightforward technical assessment that is relevant to the role you are applying for. Approximately 1 hour.
Online interviews: Several team members conduct two interviews to learn more about you and provide more information about your potential role and team. Be prepared to collaborate on a technical problem and talk more about past projects and your career goals. Approximately 1 hour per interview.
About Arctic Wolf
At Arctic Wolf, we recognize that success comes from delighting our customers. We believe in being lean – in constantly building, measuring, and learning in all aspects of our business. And, we truly value people. All wolves are welcome to join the Arctic Wolf pack, with compelling compensation packages, benefits, and equity for employees.
Our Values
Arctic Wolf recognizes that success comes from delighting our customers, so we work together to ensure that happens every day. We believe in diversity and inclusion, and truly value the unique qualities and unique perspectives all employees bring to the organization. And we appreciate that—by protecting people’s and organizations’ sensitive data and seeking to end cyber risk— we get to work in an industry that is fundamental to the greater good.
We celebrate unique perspectives by creating a platform for all voices to be heard through our Pack Unity program. We encourage all employees to join or create a new alliance. See more about our Pack Unity here.
We also believe and practice corporate responsibility, and have recently joined the Pledge 1% Movement, ensuring that we continue to give back to our community. We know that through our mission to End Cyber Risk we will continue to engage and give back to our communities.
All wolves receive compelling compensation and benefits packages, including:
Equity for all employees
Flexible time off, paid volunteer days and paid parental leave
RRSP and 401k match
Medical, Dental, and Vision insurance
Health Savings and Flexible Spending Agreement
Voluntary Legal Insurance
Training and career development programs
Arctic Wolf is an Equal Opportunity Employer and considers applicants for employment without regard to race, color, religion, sex, orientation, national origin, age, disability, genetics, or any other basis forbidden under federal, provincial, or local law. Arctic Wolf is committed to fostering a welcoming, accessible, respectful, and inclusive environment ensuring equal access and participation for people with disabilities. As such, we strive to make our entire employee experience as accessible as possible and provide accommodations as required for candidates and employees with disabilities and/or other specific needs where possible. Please let us know if you require any accommodations by emailing recruiting@arcticwolf.com.
Previous security experience is preferred but not required. We provide all the cybersecurity training you need during onboarding and on-the-job training.
Security Requirements
Conducts duties and responsibilities in accordance with AWN’s Information Security policies, standards, processes and controls to protect the confidentiality, integrity and availability of AWN business information (in accordance with our employee handbook and corporate policies).
Background checks are required for this position.
This position may require access to information protected under U.S. export control laws and regulations, including the Export Administration Regulations (“EAR”). Please note that, if applicable, an offer for employment will be conditioned on authorization to receive software or technology controlled under these U.S. export control laws and regulations.