Filigran - Principal Software Engineer

• Technical Vision & Standards for XTM Integration • Define and own the technical principles of the XTM Integration team: architecture patterns, code quality standards, tooling choices, CI/CD practices, AI-assisted development workflows, and benchmarking approaches. • Ensure these principles are understood, embraced, and consistently applied across the team — through documentation, code review, pairing, and example. • Drive the evolution of the connector/integration framework shared across OpenCTI, OpenAEV, and OpenGRC — making it easier, faster, and more reliable to build high-quality integrations. • Make key technical decisions on integration architecture: data flow design, error handling, retry strategies, observability, performance, and security. • Stay ahead of the ecosystem — evaluate new tools, libraries, and patterns before the team needs them. • Open Source Community & Ecosystem • Be a technical steward of Filigran's open-source integration ecosystem — ensuring that the connector framework and all published integrations are exemplary references that external contributors can learn from and build upon. • Define and enforce contribution guidelines, code standards, and documentation practices that make it easy for community members to develop their own connectors. • Engage with the open-source community: review external contributions, provide technical guidance, and represent Filigran's engineering culture publicly. • Design integration APIs and SDKs with the external developer experience in mind — clarity, simplicity, and extensibility are first-class concerns. • XTM Foundation Contribution • Participate actively in the XTM Foundation as a full member — contributing to cross-product engineering principles, shared tooling decisions, and technical standards that apply across OpenCTI, OpenAEV, and OpenGRC. • Bring the integration team's perspective into Foundation discussions, and carry Foundation decisions back into the integration team. • Collaborate with other Principal and Staff Engineers to maintain coherence across the full XTM engineering organization. • Hands-On Engineering • Write production code — you lead by example, not from a distance. • Prototype and validate new approaches before rolling them out to the team. • Review critical PRs with depth and care; your feedback should teach, not just correct. • Contribute to performance benchmarking and observability tooling for the integration layer. • 🤝 Who You'll Work With • Reports to: VP of Technology. • Key collaborators: XTM Integration engineering team; XTM Foundation (Principal/Staff Engineers across OpenCTI, OpenAEV, OpenGRC); Product Managers; open-source community contributors. • Working model: Primarily embedded in the XTM Integration team, with regular participation in XTM Foundation cross-team work. • 🧬 Profile We're Looking For • 8+ years of experience in software engineering, with a track record of technical leadership on complex, production-grade systems. • Deep Python expertise — Python is the core language of the XTM Integration ecosystem. You know the language deeply: its idioms, its ecosystem, its packaging (Poetry, pip, uv), its async patterns, its performance characteristics. • Solid understanding of integration and data pipeline patterns: event-driven architectures, ETL/ELT, API design (REST, GraphQL, webhooks), authentication flows, rate limiting, and error recovery. • Proven ability to define and carry technical standards — you've been the person who raises the bar on a team, not just follows it. • Strong open-source mindset: you understand what it means to build software for an external community, not just internal users. You care about documentation, API ergonomics, and contributor experience. • Excellent written communication — you can write a design doc, a contribution guide, or a code review comment that others actually learn from. • Comfortable working in a remote-first, async culture; clear communicator in English. • Autonomy and ownership: you drive problems to resolution, you don't wait for permission, and you enable others rather than becoming a bottleneck. • Bonus: Experience with cybersecurity tooling (SIEM, EDR, SOAR, threat intelligence platforms); knowledge of STIX/TAXII or other CTI standards; prior open-source maintainership.