Integration Lead
Location: Charlotte, NC OR Iselin, NJ 3Days/week onsite
Long Term Contract
The Integration Lead is responsible for the design, development, implementation, and validation of all integrations supporting the Security Hub platform. This role will lead the creation of an integration-first architecture enabling telemetry ingestion, data normalization, event correlation, workflow orchestration, and automated remediation across the Data Private Cloud (DPC) ecosystem.
The Integration Lead will work closely with Security Hub Architects, Platform Engineers, Data Engineers, Security Operations teams, and enterprise platform owners to establish secure, scalable, and resilient integrations that support Security Hub as the authoritative system of record for security findings.
Key Responsibilities
Integration Architecture & Design
- Design and implement an event-driven integration architecture supporting Security Hub operations.
- Define integration patterns, API standards, data exchange models, and message flows.
- Develop integration roadmaps aligned with phased Security Hub delivery.
- Ensure integrations support scalability, resiliency, security, and auditability requirements.
Enterprise & DPC Integrations
Lead design and implementation of integrations with:
- Keycloak
- Ranger
- OpenShift APIs
- Kafka
- LGTM
- StorageGRID
- DataHub
- Vault/Venafi
- ServiceNow
- Enterprise observability platforms
- Security monitoring and logging platforms
Telemetry & Data Pipeline Enablement
- Design telemetry ingestion, normalization, and correlation services.
- Implement event-processing and message-routing capabilities.
- Establish common security event and finding data models.
- Ensure reliable, ordered, and traceable data movement across platforms.
- Support centralized visibility and workflow orchestration.
Workflow Orchestration & Automation
- Design integration services supporting remediation workflows and approval-gated enforcement.
- Enable automated incident routing and ServiceNow integration.
- Support implementation of AI-assisted triage and response workflows.
- Develop reusable integration services and APIs.
Security Hub System of Record Enablement
- Support establishment of Security Hub as the authoritative source for security findings.
- Design synchronization and data reconciliation processes.
- Ensure data integrity, retention, traceability, and audit readiness.
- Support implementation of finding lifecycle management workflows.
Testing & Validation
- Develop integration test plans and validation procedures.
- Coordinate end-to-end integration testing activities.
- Validate performance, resiliency, and failover capabilities.
- Resolve integration defects and operational issues.
Operational Readiness
- Develop integration support documentation and runbooks.
- Support production deployments and cutover activities.
- Participate in knowledge transfer and operational handoff.
- Support post-production hypercare and stabilization activities.
Required Skills & Experience
Experience
- 10+ years of integration, middleware, API, or enterprise application integration experience.
- 5+ years leading complex integration initiatives.
- Experience implementing large-scale enterprise integration platforms.
- Experience supporting cloud-native and event-driven architectures.
Technical Skills
- API Design & Development
- REST, JSON, XML
- Kafka / Event Streaming Platforms
- Event-Driven Architecture
- Enterprise Integration Patterns
- Microservices Architecture
- OpenShift / Kubernetes
- ServiceNow Integrations
- Data Pipelines & Messaging Platforms
- Python, Java, or similar development languages
- CI/CD and DevOps practices
Security & Platform Knowledge
- IAM and Identity Platforms
- Security Operations Workflows
- Observability and Monitoring Platforms
- Security Event Management
- Cloud Platforms (AWS, Azure, Google Cloud Platform)
- Zero Trust Concepts
Preferred Qualifications
- Experience integrating SIEM, SOAR, Security Hub, SOC, CNAPP, or CSPM platforms.
- Experience with Keycloak, Ranger, Kafka, and ServiceNow.
- Experience implementing OpenShift-based solutions.
- Experience supporting highly regulated financial services environments.
- Experience implementing event-driven workflow orchestration.
- Experience supporting AI-enabled automation platforms.
Key Deliverables
- Integration Architecture Documents
- API Specifications and Interface Designs
- Telemetry Ingestion & Normalization Pipelines
- Event Correlation Services
- Workflow Orchestration Services
- Integration Adapters and Connectors
- Data Mapping & Transformation Specifications
- Integration Test Plans and Validation Reports
- Operational Runbooks and Support Documentation
Success Measures
- Successful integration of all approved enterprise and DPC platforms
- Reliable telemetry ingestion, normalization, and correlation
- End-to-end workflow orchestration operational
- Security Hub system-of-record capabilities functioning as designed
- Integration performance and resiliency objectives achieved
- Successful production deployment and operational transition
- Audit-ready traceability across integrated systems
Role Distinction
Security Hub Architect
- Defines integration strategy, architecture, standards, and governance.
Technical Lead
- Oversees overall technical delivery and engineering execution.
Integration Lead
- Owns design, development, testing, deployment, and operational support of all Security Hub integrations, APIs, event pipelines, and workflow orchestration services.