Silver.dev - Cybersecurity Company - Senior Integration Engineer
Requirements
• Python: 3+ years, this is 90% of the work
• REST API integration: consuming third-party APIs, OAuth2/API key auth, pagination, rate limiting, and retry with backoff
• SIEM/EDR platforms: hands-on experience with at least 2-3: CrowdStrike Falcon, Splunk, Microsoft Sentinel, Palo Alto, Fortinet, Zscaler
• Background job systems: Celery, RQ, or equivalent (scheduling, error handling, dead letter queues)
• Data serialization: JSON, CSV, XML; comfortable transforming between vendor-specific formats
• SQL: writing and understanding queries against security event data
• AWS fundamentals: S3 (file hosting), Secrets Manager (credential storage)
• Git: version control, PR workflow
• falconpy (CrowdStrike Python SDK): our largest integration
• STIX 2.x / TAXII 2.1: industry standard for threat intel sharing
• EDL (External Dynamic List) pattern: Palo Alto, Zscaler, FortiGate
• FastAPI or any async Python web framework
• Sigma rule format: ties into detection rule deployment
• Snowflake / Databricks: SQL-based detection engineering against data lakes
• Threat intelligence domain knowledge: IOC types, predictions, blocklists, what SOC teams need
• Experience at a security vendor (SOAR, TIP, SIEM, or MDR) building platform integrations
• Vendor partner program experience (CrowdStrike Marketplace, Splunk Apps, Palo Alto Cortex XPANSE)
Responsibilities
• Maintain and improve existing integration connectors (CrowdStrike, Sentinel, Palo Alto, Fortinet, etc.) across v1 and v2
• Build new vendor connectors as customer demand requires: handle auth flows, data formatting, batching, error handling, and rate limiting
• Potentially port the Flask to FastAPI as the platform migration progresses
• Implement the detection rule deployment pipeline: push Sigma-generated rules to SIEMs in monitor/block mode via vendor APIs
• Build inbound event ingestion: pull security events from customer SIEMs into Augur for correlation and enrichment
• Own the credential management system: secure storage, rotation, and validation of customer API keys and OAuth tokens
• Build and maintain bulk feed exports: STIX/TAXII, EDL, CSV, and custom formats hosted on S3
• Design job scheduling and monitoring: Celery tasks with retry logic, error alerting, sync status tracking
• Support data lake integrations (Snowflake, Databricks): generate and deploy SQL-based detections against customer schemas
• Troubleshoot customer integration issues: debug sync failures, credential problems, data format mismatches
• Write integration tests and maintain connector health checks
Benefits
• Senior SWE: $60K – $80K
• US holidays
• 15 days of PTO
• MacBook