Lead Engineer – Cyber Visibility UI Development

About The Position

Requirements

• 4-year degree in Computer Science (or related field) or equivalent practical experience
• 8+ years of overall software engineering experience, with a focus on building full-stack web applications
• 3+ years of experience building modern frontend applications with React or NextJS using TypeScript, including state management, form validation, and component library (e.g., MUI)
• 3+ year of experience building backend services using Node.js and Express, including API design, Express Middleware, ORMs (e.g., Sequelize), and job scheduler framework (e.g., Bull or Temporal)
• 3+ years of experience with relational databases (e.g., MySQL, PostgreSQL)
• Demonstrated ability to define and evolve system architecture to bring cross-team initiatives from concept to production
• Experience working in large, multi-repository codebases and applying testing practices (e.g., Jest, Vitest or similar)
• Experience with containerized applications and modern CI/CD pipelines (e.g., Docker, Docker Swarm, or similar)
• Working knowledge of observability practices (logging, metrics, tracing, APM)
• Ability to troubleshoot and debug issues across the stack in production environments, identifying root causes and implementing solutions
• Experience supporting applications in production, including monitoring, incident response, and on-call participation
• Demonstrated code quality practices, including writing maintainable code and participating in pull request reviews

Responsibilities

• Design, develop and maintain an established SIEM platform spanning 1 frontend application and 7 backend services by deploying durable interfaces using modern patterns including React & TypeScript
• Mentor junior and senior engineers through design reviews, hands on pair programming, and collaborative problem solving
• Own and evolve the technical architecture of the SIEM platform across both the established full-stack application AND the in-flight integrations and feature sets built to support Google SecOps
• Operate with a high degree of autonomy, consistently delivering outcomes with minimal oversight
• Use technical decision authority as you partner with cross-functional teams to design, build, and deliver new or migrated security detection features and tools on Google SecOps, leading design reviews and resolving ambiguity from conflicting requirements through the process
• Develop and support full-stack application features, including backend APIs (e.g., Node.js/Express), integrations with Google SecOps, and services that power detection and investigation workflows
• Drive alignment both upstream and downstream as you partner with Threat Detection & Operations, Cyber Threat Intelligence, CSIRT, and platform engineering teams to design and improve detection and investigation capabilities
• Own reliability, scalability and performance targets as you troubleshoot and resolve issues across existing systems while participating in on-call rotations and contributing to improvements in observability, resilience, and operational tooling
• Develop and maintain state management, data-fetching, and asynchronous workflows (e.g., background processing, job scheduling) to support complex user interactions and long-running operations
• Write high-quality, maintainable code and participate in code reviews and testing practices to uphold engineering standards and facilitate knowledge-share
• Contribute to CI/CD pipelines and mechanisms (e.g., Docker Swarm), supporting reliable and repeatable releases
• Use telemetry, user feedback, and platform metrics to improve application performance, usability, and reliability
• Responsible for designing, building, and operating critical SIEM application experiences that power security investigations, IOC workflows, and detection authoring at Target
• Accountable for the technical direction, system health, and overall effectiveness of the SIEM Platform, including its integrations with SecOps and the engineers contributing to its success
• Work across the full stack writing clean, scalable, and maintainable code while optimizing for performance and reliability
• Develop React/TypeScript interfaces alongside Node.js/Express APIs, asynchronous processing (e.g., Temporal/Bull), and integrations with Google SecOps and internal systems—while building a deep understanding of analyst workflows, system architecture, and failure modes
• Troubleshoot issues across the application stack, from user-facing experiences through APIs, background jobs, and external dependencies, driving problems from signal to root cause and implementing durable fixes through improved observability, testing, and automation
• Independently deliver features from design through production while operating within CI/CD pipelines and containerized environments
• Navigate and improve a large, evolving codebase, consistently produce high-quality, well-reviewed code, and collaborate closely with partner teams to align on priorities, unblock delivery, and continuously improve the reliability, usability, and effectiveness of the SIEM platform

Benefits

• Comprehensive health benefits and programs, which may include medical, vision, dental, life insurance
• 401(k)
• Employee discount
• Short term disability
• Long term disability
• Paid sick leave
• Paid national holidays
• Paid vacation