Job Description We're looking for a Software Engineer to join our team. In this role, you'll build integrations between different cybersecurity platforms and third-party systems. You'll use both specialized low-code/no-code tools for quick development and Python scripting for more complex needs. Your work will directly support our security analysts by ensuring they have the correct data and automation to detect and respond to threats : Research and Evaluate APIs : Research and evaluate APIs from third-party platforms (e. g., SIEMs, threat intelligence providers, logging tools, etc. ) to identify the most relevant integrations for our Security Operations Center (SOC) Analysts. Design and Develop Integrations : Design, develop, and deploy secure and scalable API integrations that bring real-time data and insights into the Metron Security ecosystem. API Interaction and Data Management : Make robust API calls to third-party platforms to extract existing data and generate new data or actions on those platforms. API Protocol Expertise : Work with RESTful APIs and OpenAPI/Swagger specification to define and integrate APIs efficiently. Custom Scripting : Utilize Python scripting for complex data transformations, custom business logic, and advanced automation. Collaboration : Collaborate closely with Security Analysts and Backend Engineers to thoroughly understand SOC workflows and deliver features that directly enhance threat visibility and response capabilities. Command-Line Proficiency : Leverage the command-line interface (CLI) for API testing, automation, deployment, and debugging tasks (e. g., using curl, httpie, jq, and Bash scripting). Code Quality : Write clean, maintainable, and well-documented code, adhering to best security and software development practices. Requirements API Expertise : Strong analytical and problem-solving skills with a proven ability to evaluate third-party APIs, understand their utility, and map them to security operations needs. API Protocols : Hands-on experience with API protocols and specifications, including REST and OpenAPI/Swagger. Programming Proficiency : Proficiency in Python for scripting, custom logic, and advanced automation, with comfort in other languages like Go, Java, or Node.js a plus. Authentication and Authorization : Practical experience with various authentication and authorization mechanisms : Basic Auth, OAuth 2.0 (including different flows), JWT, and API Keys. Command-Line Tools : Comfortable and experienced working with CLI tools such as curl, httpie, jq, and scripting environments like Bash for API interaction and debugging. Version Control : Familiarity with version control systems (e. g., Git) and collaborative development workflows. Problem-Solving : Excellent analytical and problem-solving skills with a logical approach to integration challenges. Communication : Strong verbal and written communication skills to articulate technical concepts to both technical and non-technical audiences. Nice-to-Have Skills Experience in building integrations with specific cybersecurity platforms, such as EDRs, SIEMs, SOARs, and Vulnerability Management tools. Knowledge of data modeling and data transformation, along with their best practices. Understanding of cloud platforms (AWS, Azure, GCP) and their API ecosystems. Experience with continuous integration/continuous deployment (CI/CD) pipelines. (ref:hirist.tech) Show more Show less