Integration Lead

Position Summary

The Integration Lead is responsible for the design, development, implementation, and validation of all integrations supporting the Security Hub platform. This role will lead the creation of an integration-first architecture enabling telemetry ingestion, data normalization, event correlation, workflow orchestration, and automated remediation across the Data Private Cloud (DPC) ecosystem.

The Integration Lead will work closely with Security Hub Architects, Platform Engineers, Data Engineers, Security Operations teams, and enterprise platform owners to establish secure, scalable, and resilient integrations that support Security Hub as the authoritative system of record for security findings.

 

Key Responsibilities

Integration Architecture & Design

Design and implement an event-driven integration architecture supporting Security Hub operations.

Define integration patterns, API standards, data exchange models, and message flows.

Develop integration roadmaps aligned with phased Security Hub delivery.

Ensure integrations support scalability, resiliency, security, and auditability requirements.

Enterprise & DPC Integrations

Lead design and implementation of integrations with:

Keycloak

Ranger

OpenShift APIs

Kafka

LGTM

StorageGRID

DataHub

Vault/Venafi

ServiceNow

Enterprise observability platforms

Security monitoring and logging platforms

Telemetry & Data Pipeline Enablement

Design telemetry ingestion, normalization, and correlation services.

Implement event-processing and message-routing capabilities.

Establish common security event and finding data models.

Ensure reliable, ordered, and traceable data movement across platforms.

Support centralized visibility and workflow orchestration.

Workflow Orchestration & Automation

Design integration services supporting remediation workflows and approval-gated enforcement.

Enable automated incident routing and ServiceNow integration.

Support implementation of AI-assisted triage and response workflows.

Develop reusable integration services and APIs.

Security Hub System of Record Enablement

Support establishment of Security Hub as the authoritative source for security findings.

Design synchronization and data reconciliation processes.

Ensure data integrity, retention, traceability, and audit readiness.

Support implementation of finding lifecycle management workflows.

Testing & Validation

Develop integration test plans and validation procedures.

Coordinate end-to-end integration testing activities.

Validate performance, resiliency, and failover capabilities.

Resolve integration defects and operational issues.

Operational Readiness

Develop integration support documentation and runbooks.

Support production deployments and cutover activities.

Participate in knowledge transfer and operational handoff.

Support post-production hypercare and stabilization activities.

 

Required Skills & Experience

Experience

10+ years of integration, middleware, API, or enterprise application integration experience.

5+ years leading complex integration initiatives.

Experience implementing large-scale enterprise integration platforms.

Experience supporting cloud-native and event-driven architectures.

Technical Skills

API Design & Development

REST, JSON, XML

Kafka / Event Streaming Platforms

Event-Driven Architecture

Enterprise Integration Patterns

Microservices Architecture

OpenShift / Kubernetes

ServiceNow Integrations

Data Pipelines & Messaging Platforms

Python, Java, or similar development languages

CI/CD and DevOps practices

Security & Platform Knowledge

IAM and Identity Platforms

Security Operations Workflows

Observability and Monitoring Platforms

Security Event Management

Cloud Platforms (AWS, Azure, Google Cloud Platform)

Zero Trust Concepts

 

Preferred Qualifications

Experience integrating SIEM, SOAR, Security Hub, SOC, CNAPP, or CSPM platforms.

Experience with Keycloak, Ranger, Kafka, and ServiceNow.

Experience implementing OpenShift-based solutions.

Experience supporting highly regulated financial services environments.

Experience implementing event-driven workflow orchestration.

Experience supporting AI-enabled automation platforms.

 

Key Deliverables

Integration Architecture Documents

API Specifications and Interface Designs

Telemetry Ingestion & Normalization Pipelines

Event Correlation Services

Workflow Orchestration Services

Integration Adapters and Connectors

Data Mapping & Transformation Specifications

Integration Test Plans and Validation Reports

Operational Runbooks and Support Documentation

 

Success Measures

Successful integration of all approved enterprise and DPC platforms

Reliable telemetry ingestion, normalization, and correlation

End-to-end workflow orchestration operational

Security Hub system-of-record capabilities functioning as designed

Integration performance and resiliency objectives achieved

Successful production deployment and operational transition

Audit-ready traceability across integrated systems

Role Distinction

Security Hub Architect

Defines integration strategy, architecture, standards, and governance.

Technical Lead

Oversees overall technical delivery and engineering execution.

Integration Lead

Owns design, development, testing, deployment, and operational support of all Security Hub integrations, APIs, event pipelines, and workflow orchestration services.