Lead Software Architect / Technical Leader: Threat Intelligence - Secureworks - Austin, TX or US Remote
Primary Location: Austin, Texas
Additional Location(s): Austin, Texas
Secureworks® (NASDAQ: SCWX) is a technology-driven cybersecurity leader that protects organizations in the digitally connected world. Built on proprietary technologies and world-class threat intelligence, our applications and solutions help prevent, detect, and respond to cyber threats. Red Cloak™ software brings advanced threat analytics to thousands of customers, and the Secureworks Counter Threat Platform™ processes over 300B threat events per day. We understand complex security environments and are passionate about simplifying security with Defense in Concert™ so that security becomes a business enabler. More than 4,000 customers across over 50 countries are protected by Secureworks, benefit from our network effect and are Collectively Smarter. Exponentially Safer.™ www.secureworks.com
We enjoy competitive compensation and benefits packages, and reward and recognize our employees for exceptional results. A constant focus on continued learning and growth keeps our team members engaged and excited about “what’s next.” We offer flexible work options when available, and emphasize the importance of work-life balance. We know that when our people are rewarded, recognized, and rejuvenated, we win as a team.
The Red Cloak Threat Detection and Response (TDR) engineering group is looking for a lead software architect for our threat intelligence (TI) product team. You can learn more about Red Cloak TDR here. You will work in a fast-paced, startup-like environment with an experienced, cross-functional team of software engineers, data scientists, and security experts to develop threat intelligence collection, exploration, and exploitation within our cloud-native security analytics platform. As a technical lead, you will work closely with the Red Cloak engineering leadership, especially the Chief Architect, on steering our TI strategy and execution. If you love the idea of tracking the latest threat actor activity and solving complex engineering challenges, then we want your help securing human progress!
The ideal candidate will have a computer science background with an emphasis on building data collection and storage systems with robust APIs for a variety of consumers. Familiarity with analyst-facing UI/UX and threat-actor-based security research would also be strong additions. Your focus will be on formulating the technical direction and overall architecture for our security analytics platform’s use of threat intelligence. Our TI product team regularly works with other product teams and security research groups across Secureworks to pursue the best threat intelligence sources. The threat intelligence within our platform is exposed to security analysts in order to provide the strongest possible context during rapid security relevance determinations to defeat potential attackers. The threat intelligence team covers a wide range, including the collection of a variety of sources (APIs, STIX/TAXII, scraping, etc.), storing and ranking analyst dispositions of quality or relevance, correlations to new or existing threat actor detections, and general exploratory interfaces designed to expose the latest knowledge of threat actors' tools, techniques, and procedures.
Provide technical leadership across Red Cloak TDR teams on the architecture, strategy, and development of threat intelligence within our security analytics platform.
Coordinate closely with your peers: Red Cloak Product Managers within the TI product portfolio, as well as other Technical Leads / Architects across the full back- and front-end product areas.
Own feature development for the threat intelligence service from design to delivery, including high-availability collection processors written in Golang, client-facing GraphQL and/or STIX/TAXII APIs, help with the design of Angular UI components, and the underlying storage and retrieval of categorized threat intelligence.
Extensive hands-on development. Our architect / tech lead philosophy centers on being deeply involved in the projects you will lead.
Design and implement software to be deployed via Docker on Kubernetes, and using public cloud offerings (e.g. AWS, GCP).
Recommend and develop new product concepts and capabilities.
Triage, reproduce, debug, and fix issues identified in the product.
Secure deployed code, update processes, and communication paths against potential attackers that aim to hijack highly privileged applications.
Build tools to support team efficiency and contribute to test automation.
Lead projects efficiently while maximizing performance and minimizing costs.
Ensure high standards are followed for design, coding quality, and unit and component testing.
Work effectively on a geographically distributed team to deliver high quality software against aggressive schedules.
Keen sense of urgency and the ability to prioritize problems, analyze, and resolve issues.
Ability to lead, mentor, communicate, collaborate, and work effectively in a distributed team.
Excellent oral and written communication skills.
- Minimum 7+ years of experience in software development for enterprise-class applications.
- Minimum 2 years' experience leading the design and technical direction of API development and data-driven applications.
- Minimum of 1 year of development experience using Golang.
- Minimum of 2 years' experience developing a service-oriented or microservice architecture and developing with containers / orchestrators (e.g. Docker, Kubernetes).
- B.S./M.S. in Computer Science or equivalent experience.
Experience with Amazon AWS, Google GCP, or similar cloud provider.
Experience with Kubernetes, including deployments from robust CI/CD pipelines.
Experience with dataflow and queues or message passing (e.g. Kafka, NATS, Redis, RabbitMQ).
Familiarity with GraphQL API development and maintenance.
Computer or information security background, particularly involving threat intelligence production, analysis, and exploitation by security analysts within SIEMs.
Familiarity with STIX/TAXII and other threat intelligence feed providers.
Experience with RDBMS and NoSQL databases (e.g. Postgres, MySQL, Elasticsearch, Athena/Presto, Cassandra/HBase/Accumulo, etc).
Prior experience developing software in an entrepreneurial environment.
Prior experience developing product and customer focused applications.
Secureworks (A Dell Technologies Company) is committed to the principle of equal employment opportunity for all employees and to providing employees with a work environment free of discrimination and harassment. All employment decisions at Secureworks are based on business needs, job requirements and individual qualifications, without regard to race, color, religion or belief, national, social or ethnic origin, sex (including pregnancy), age, physical, mental or sensory disability, HIV status, sexual orientation, gender identity and/or expression, marital, civil union or domestic partnership status, past or present military service, family medical history or genetic information, family or parental status, or any other status protected by the laws or regulations in the locations where we operate. Secureworks will not tolerate discrimination or harassment based on any of these characteristics. Learn more about Diversity and Inclusion at Secureworks here.
Job ID: R067145