Senior Python Developer – Cybersecurity Process Automation
MACHINE LEARNING TECHNOLOGIES LLC · Charlotte, NC · 4 wk ago
EngineeringContract
Key Responsibilities
- Translate business/security processes into automated workflows, APIs, and services; produce low level designs and sequence diagrams.
- Design secure microservices and job runners in Python (Fast API/Flask) and Java (Spring Boot) using clean architecture and integration patterns.
- Define reusable automation components, SDKs, and templates to accelerate delivery.
- Build event-driven and scheduled automations for IAM onboarding/offboarding, access reviews, PAM workflows, compliance checks, vulnerability/patch management triggers, and SOAR playbooks.
- Integrate with enterprise tools: IAM (Okta/SailPoint), PAM (CyberArk), SIEM/SOAR (Splunk, Sentinel, Cortex XSOAR), ticketing (ServiceNow/Jira), data platforms, and notification channels.
- Own end-to-end SDLC: coding, unit/integration testing, peer reviews, documentation, and deployment pipelines.
- Implement secure coding practices: OAuth2/OIDC, SAML, JWT, TLS/mTLS, secrets management (Vault/KMS), encryption, input validation, and least privilege.
- Add observability (Open Telemetry, ELK/EFK, Prometheus/Grafana) with structured logging, tracing, metrics, and alerting; ensure measurable SLAs and error budgets.
- Harden services (rate limiting, circuit breakers, policy enforcement, audit trails) and support audit/compliance evidence.
- Partner with IAM, SecOps, and platform teams to refine requirements, map as-is/tob-e processes, and quantify ROI (FTE hours saved, cycle time reduction).
- Provide technical guidance, code reviews, and mentor junior engineers; contribute to standards and best practices.
Required Skills & Qualifications
- 6-10 years of software development experience with strong, recent hands-on work in Python and Java for backend/services and automation.
- Python: FastAPI/Flask, async IO, data processing (pandas), scripting, packaging, task runners (Celery/RQ), API integrations.
- Java: Spring Boot, Spring Security, REST/gRPC, concurrency, JVM performance tuning.
- Proven experience automating cybersecurity processes (IAM lifecycle, PAM operations, compliance checks, incident enrichment/response, vulnerability workflows).
- Integration experience with message queues/event buses (Kafka/RabbitMQ), REST/gRPC, webhooks, and ETL/ELT patterns.
- Cloud & DevOps: Docker, Kubernetes, CI/CD (GitHub Actions/Jenkins/Azure DevOps), IaC (Terraform), artifact management.
- Solid grasp of security protocols and standards: OAuth2/OIDC, SAML, TLS, certificate management; familiarity with NIST/ISO and audit needs.