Principal Security Developer

Arctic Wolf, with its unicorn valuation, is the leader in security operations in an exciting and fast-growing industry—cybersecurity. We have won countless awards for our excellence in security operations and remain dedicated to providing an industry-leading customer and employee experience. 

Our mission is simple: End Cyber Risk. We’re looking for a Senior Principal Security Developer to be part of making that happen. 

About the Role 

A Principal Security Developer is both a cybersecurity expert and an experienced detections developer for endpoint, network or cloud. They research and curate alerts and reports for their surface area. They look at new and emerging threats to identify the investments we should be making to improve our threat detection capabilities. They have a strong security engineering and software development background that has a track record of developing high quality vulnerability and security posture management/analysis tooling and content for network, endpoint, and cloud.  This role works with team members, Product Management, Security Services and various other specialists to continuously improve the coverage and efficiency of our Managed Risk solution. 

A Principal Security Developer is responsible for providing the team technical direction to deliver high value detection capabilities. The Principal Security Developer will provide technical and security guidance and direction to their team through the entire development lifecycle. They will also provide guidance on best practices for performing research and developing detections. 

Responsibilities Include: 

• Serve as a technical leader in our area of development 

• Work across teams on cross-organizational initiatives  

• Work closely with technical leadership across the Security Products team and the company to drive and deliver on longer term outcomes as well as immediate threats 

• Propose coverage and efficacy improvements to the detection surface  

• Work with team members to develop novel detections and continuously tune existing ones 

• Participate in the full software development life cycle 

• Build well-designed, testable, efficient and secure code 

• Integrate software components into a fully functional software system. 

• Document and maintain software functionality.  

• Provide expert advice in resolving customer support tickets. 

• Write runbooks, reports, and supporting material for detection surface 

• Document research findings and knowledge share with team and other departments 

• Troubleshoot, educate, and share information with non-technical people 

• Contribute to the growth and mentorship of other team members 

• Work with team members to continuously improve coverage, efficiency and deliver customer-facing and internal services 

• Produce specifications and determine operational feasibility 

• Deliver and describe design considerations by leveraging strong verbal and written skills 

• Develop and implement a strong testing and validation regime that other team members can easily follow and implement 

We value a culture of sharing, so every team can share their work with the entire department during our monthly R&D Demos. Once a year we hold a department-wide Hackathon, teaming up across all R&D teams over four days to collaborate and build cool ideas outside the normal project scope. Innovation is the focus, and some of these ideas do make it into our products. 

About you 

We use and train a variety of technologies in Managed Risk. As a Principal Developer you bring a diverse knowledge base that you use to help the team solve complex technical and security problems. 

Skills Requirements: 

We are looking for someone who has 8+ years' experience in the development of security products/systems with a focus on 2 or more of the following key areas:  

Classic Endpoint Vulnerability and Config Management: 

• Host based vulnerability detection 

• Network based vulnerability scan and NVT development 

• CIS Benchmark implementation 

• Detailed knowledge in the inner workings of vulnerability scanners such as Qualys, Rapid7, Tenable, etc.Experience with identifying product and market changes and needed analysis/detection coverage changes in your existing sources  

Cloud Config and Posture Management: 

• Dev of security policy in Cloud Service Providers (I.e Azure Policy, AWS Sec Hub) 

• Pipeline Hardening Checks 

Rule Development – will consider experience in rule/ signature  

development such as: 

• NDR/IPS/IDS detections/signatures 

• Snort 

• EDR (Endpoint Detection and Response) detections/signatures 

• Sigma and Yara rules 

• Development of anomaly and behavioral based detections 

• Regular expressions 

8+ years' experience with the following Development Languages: 

• Must Have: Python and/or Go 

• Bonus: Java, Node.js, C/C++ 

 Experience with: 

• Test Driven Development 

• Full understanding and use of DevOps methods/tooling 

• Full understanding/application of secure development practices 

• Cloud Development: AWS, Azure, and GCP using  

• Kubernetes/Containers, IaaS, and key PaaS services 

• Agile (SCRUM/Kanban) 

• Infrastructure as Code Methodologies and Development (I.e., Salt Stack, Terraform, Ansible, cloud orchestration platform equivalents a  plus) 

 Experience with one or more of the following security tooling is highly regarded and will be considered: 

3rd Party Vulnerability Management Platforms: 

• Qualys 

• Nessus 

• Tanium 

 Cloud based configuration and Security Posture Management tools: 

• Azure Security Centre, AWS Security Hub 

• Sonrai 

• Cloudsploit 

• Divvy Cloud 

 Open Source Platforms: 

• Nmap 

• OpenVAS 

• OpenSCAP 

• Burp 

• Metasploit 

You can perform programming tasks and large engineering projects with independence and expertise. You will be responsible for guiding and mentoring other staff members and will regularly lead technical projects. You have a high level of mastery over software development best practices and building reusable design patterns. 

You have a history of delivering successful projects, as well as some lessons learned from failures. Even if you haven’t worked with all our specific technologies, you bring a diverse knowledge base that you use to help the team solve complex technical problems. You’ll receive all the security training you need during our onboarding process and through additional training on the job. 

Interview process 

The interview process is approximately as follows: 

• Phone pre-screening: A recruiter contacts you to briefly discuss your work history and provide an overview of Arctic Wolf. Approximately 30 minutes. 

• Technical assessment: A recruiter sends you a link to a straightforward technical assessment that is relevant to the role you are applying for. Approximately 1 hour. 

• Online interviews: Several team members conduct two interviews to learn more about you and provide more information about your potential role and team. Be prepared to collaborate on a technical problem and talk more about past projects and your career goals. Approximately 1 hour per interview. 

About Arctic Wolf 

At Arctic Wolf, we recognize that success comes from delighting our customers. We believe in being lean – in constantly building, measuring, and learning in all aspects of our business. And, we truly value people. All wolves are welcome to join the Arctic Wolf pack, with compelling compensation packages, benefits, and equity for employees. 

Our Values 

Arctic Wolf recognizes that success comes from delighting our customers, so we work together to ensure that happens every day. We believe in diversity and inclusion, and truly value the unique qualities and unique perspectives all employees bring to the organization. And we appreciate that—by protecting people’s and organizations’ sensitive data and seeking to end cyber risk— we get to work in an industry that is fundamental to the greater good. 

We celebrate unique perspectives by creating a platform for all voices to be heard through our Pack Unity program. We encourage all employees to join or create a new alliance. See more about our Pack Unity here. 

We also believe and practice corporate responsibility, and have recently joined the Pledge 1% Movement, ensuring that we continue to give back to our community. We know that through our mission to End Cyber Risk we will continue to engage and give back to our communities. 

All wolves receive compelling compensation and benefits packages, including: 

Equity for all employees 

• Flexible time off, paid volunteer days and paid parental leave 

• RRSP and 401k match 

• Medical, Dental, and Vision insurance 

• Health Savings and Flexible Spending Agreement 

• Voluntary Legal Insurance 

• Training and career development programs 

Arctic Wolf is an Equal Opportunity Employer and considers applicants for employment without regard to race, color, religion, sex, orientation, national origin, age, disability, genetics, or any other basis forbidden under federal, provincial, or local law. Arctic Wolf is committed to fostering a welcoming, accessible, respectful, and inclusive environment ensuring equal access and participation for people with disabilities. As such, we strive to make our entire employee experience as accessible as possible and provide accommodations as required for candidates and employees with disabilities and/or other specific needs where possible. Please let us know if you require any accommodations by emailing recruiting@arcticwolf.com. 

Previous security experience is preferred but not required. We provide all the cybersecurity training you need during onboarding and on-the-job training. 

Security Requirements: 

Conducts duties and responsibilities in accordance with AWN’s Information Security policies, standards, processes and controls to protect the confidentiality, integrity and availability of AWN business information (in accordance with our employee handbook and corporate policies). 

Background checks are required for this position.