Senior Full Stack Developer – Cybersecurity Detection & Threat Response Platform
Clearance: Ability to obtain Public Trust or higher (Secret / TS preferred)
Summary:
Join the product engineering team responsible for next-generation threat detection and response systems purpose-built for enterprise and defense-grade environments. This is a principal-level full stack role focused on designing scalable, high-ingestion telemetry pipelines, advanced real-time analytics interfaces, threat correlation services, and modular API-driven enforcement controls. The ideal candidate is an expert in cybersecurity telemetry ingestion, detection pipelines (EDR / XDR / MDR / AI SIEM), compliance-grade multi-tenant analytics portals, and high-throughput backend service development.
Key Responsibilities:
Real-Time Telemetry & Analytics Platform
- Architect and develop real-time cybersecurity telemetry ingestion pipelines ingesting structured (JSON, OCSF), unstructured (syslog), and API-based event streams across endpoint, network, and cloud.
- Build scalable, multi-tenant correlation engines supporting per-tenant detections, behavioral analytics, and customizable detection rule sets.
- Lead front-end development of real-time security dashboards, incident response consoles, and autonomous playbook visualizations using React / TypeScript.
Detection Engineering & AI Analytics
- Embed MITRE ATT&CK-aligned detection engines, supporting indicator matching, behavioral detection, and machine-learning model inference pipelines.
- Architect advanced AI SIEM correlation modules and SOAR-ready response orchestration layers.
- Build dynamic enrichment workflows integrating external threat intelligence APIs, posture validation services, and asset correlation engines.
Enterprise-Grade Multi-Tenancy & Compliance
- Design multi-tenant SaaS architecture with full RBAC enforcement, data stream isolation, and per-tenant customization of detection thresholds and enforcement policies.
- Implement compliance-aligned audit logging, forensic-ready data exports, and outbound integrations to SOC tooling (Elastic, OpenSearch, Sentinel, QRadar).
- Lead compliance-by-design implementation targeting FedRAMP Moderate / High, CMMC 2.0, SOC 2 Type II, and ISO27001:2022 readiness.
- Deliver high-throughput backend services with Node.js, Go, and Python, containerized on Kubernetes (AWS EKS / Azure AKS).
- Drive Infrastructure-as-Code (Terraform) standards, integrating autoscaling, failover resiliency, and continuous deployment pipelines with strict DevSecOps controls.
- Implement stream-processing architecture (e.g., Kafka, Redis Streams) supporting millions of security events per minute across tenant workloads.
Required Qualifications:
- 10+ years of enterprise software engineering in cybersecurity detection platforms or threat intelligence pipelines.
- Proven expert-level experience building real-time cybersecurity telemetry ingestion systems from EDR / XDR / MDR / AI SIEM sources.
- Expert-level React (TypeScript) for high-density dashboards, Node.js / Go / Python for high-performance microservices.
- Deep knowledge of MITRE ATT&CK-based detection engineering, threat enrichment workflows, and AI analytics pipeline development.
- Hands-on experience with SOAR APIs, playbook-triggering, and autonomous remediation triggers.
- Strong command of multi-tenant SaaS architecture, RBAC enforcement, and real-time resource allocation models.
- Compliance experience mapping detection pipelines to SOC 2, ISO27001, CMMC 2.0, and FedRAMP logging and monitoring requirements.
- Cloud-native development expertise with AWS GovCloud, Azure Commercial / Government Cloud, and Terraform / Kubernetes deployment patterns.
Preferred Advantages:
- Experience working on network threat detection, cloud posture management, or cross-environment telemetry fusion (EDR + NDR + CSPM) platforms.
- Familiarity with air-gapped deployments, classified SOC environments, or MSSP multi-tenant deployments.
- Advanced experience in AI / ML detection model training pipelines (PyTorch / TensorFlow-based feature extraction pipelines).
Seniority level
Mid-Senior level
Employment type
Full-time
Job function
Engineering and Information Technology
Computer and Network Security
Referrals increase your chances of interviewing at ASPIS Cyber by 2x