Key skills
Cyber SecurityETLGraphQLPythonAIELTpippoetryCI/CDLeadershipCommunication
About this role
Role Overview
- Define and own the technical principles of the XTM Integration team: architecture patterns, code quality standards, tooling choices, CI/CD practices, AI-assisted development workflows, and benchmarking approaches.
- Ensure these principles are understood, embraced, and consistently applied across the team — through documentation, code review, pairing, and example.
- Drive the evolution of the connector/integration framework shared across OpenCTI, OpenAEV, and OpenGRC — making it easier, faster, and more reliable to build high-quality integrations.
- Make key technical decisions on integration architecture: data flow design, error handling, retry strategies, observability, performance, and security.
- Stay ahead of the ecosystem — evaluate new tools, libraries, and patterns before the team needs them.
- Be a technical steward of Filigran's open-source integration ecosystem — ensuring that the connector framework and all published integrations are exemplary references that external contributors can learn from and build upon.
- Define and enforce contribution guidelines, code standards, and documentation practices that make it easy for community members to develop their own connectors.
- Engage with the open-source community: review external contributions, provide technical guidance, and represent Filigran's engineering culture publicly.
- Design integration APIs and SDKs with the external developer experience in mind — clarity, simplicity, and extensibility are first-class concerns.
- Participate actively in the XTM Foundation as a full member — contributing to cross-product engineering principles, shared tooling decisions, and technical standards that apply across OpenCTI, OpenAEV, and OpenGRC.
- Bring the integration team's perspective into Foundation discussions, and carry Foundation decisions back into the integration team.
- Collaborate with other Principal and Staff Engineers to maintain coherence across the full XTM engineering organization.
- Write production code — you lead by example, not from a distance.
- Prototype and validate new approaches before rolling them out to the team.
- Review critical PRs with depth and care; your feedback should teach, not just correct.
- Contribute to performance benchmarking and observability tooling for the integration layer.
Requirements
- 8+ years of experience in software engineering, with a track record of technical leadership on complex, production-grade systems.
- Deep Python expertise
- Python is the core language of the XTM Integration ecosystem. You know the language deeply: its idioms, its ecosystem, its packaging (Poetry, pip, uv), its async patterns, its performance characteristics.
- Solid understanding of integration and data pipeline patterns: event-driven architectures, ETL/ELT, API design (REST, GraphQL, webhooks), authentication flows, rate limiting, and error recovery.
- Proven ability to define and carry technical standards
- you've been the person who raises the bar on a team, not just follows it.
- Strong open-source mindset: you understand what it means to build software for an external community, not just internal users. You care about documentation, API ergonomics, and contributor experience.
- Excellent written communication
- you can write a design doc, a contribution guide, or a code review comment that others actually learn from.
- Comfortable working in a remote-first, async culture; clear communicator in English.
- Autonomy and ownership: you drive problems to resolution, you don't wait for permission, and you enable others rather than becoming a bottleneck.
- Bonus: Experience with cybersecurity tooling (SIEM, EDR, SOAR, threat intelligence platforms); knowledge of STIX/TAXII or other CTI standards; prior open-source maintainership.
Tech Stack
- Cyber Security
- ETL
- GraphQL
- Python
Benefits
- Competitive pay + equity
- everyone shares in our success
- Remote-first, flexible, and balanced
- work that fits your life
- Your setup, your choice
- pick the gear that works for you
- Twice-a-year gatherings
- we meet in person for regional and global offsites to connect, collaborate, and strengthen our culture beyond the screen