About the role:
As an Intermediate Security Engineer within our SOC team, you'll implement security measures and improvements across both web2 and web3 environments. A key aspect of your role will be engineering our security tooling ecosystem, which includes integrating and customizing third-party solutions as well as developing custom security tools specifically designed for web2 and web3 environments. You'll contribute to our SOAR (Security Orchestration, Automation, and Response) platform by building and refining automated response workflows and implementing machine learning/AI and LLM integrations to enhance threat detection capabilities. You'll follow and help refine incident response playbooks for security situations spanning traditional and blockchain-based technologies. Your technical skills in threat detection will help identify attack patterns across hybrid environments, connecting security events into coherent threat scenarios. Through collaborative threat modeling, you'll analyze system architectures, identify attack vectors in both traditional infrastructure and blockchain protocols, and help map potential attack paths through our technology stack. You'll support investigation of security incidents through technical analysis, contributing insights that help develop custom detection rules. As your security expertise grows, you'll stay informed on emerging trends in both domains and participate in investigations of security incidents. This role bridges conventional cybersecurity with web3, ensuring effective protection across our technological landscape.
Responsibilities will include:
- Implement monitoring and analysis of data from traditional networks, blockchain networks, cloud platforms, and enterprise systems
- Engineer and enhance security tooling, including customizing third-party solutions and developing custom tools for web2 and web3 environments
- Build and maintain SOAR (Security Orchestration, Automation, and Response) workflows to automate routine incident response actions
- Develop and implement machine learning models to improve threat detection and analysis capabilities
- Integrate LLM technologies across security operations to enhance efficiency and automation
- Assist in investigating security incidents and vulnerabilities across web2 and web3 environments
- Operate and interpret results from various security tools, including SIEM, EDR, cloud security systems, and blockchain-specific platforms
- Follow and help improve incident response procedures for both traditional and blockchain-related security issues
- Develop automation scripts to enhance efficiency in detecting and responding to security threats
- Help maintain comprehensive incident response playbooks covering both web2 and web3 ecosystems
- Stay updated on emerging cybersecurity trends, including traditional threats and crypto/blockchain-specific vulnerabilities
- Support risk assessment and mitigation in both traditional IT infrastructure and web3 systems
- Help integrate data streams from networks, applications, and blockchain sources into security dashboards
- Collaborate with team members on implementing security best practices across web2 and web3 technologies
- Contribute to technical advisories on various cybersecurity issues for internal teams
- Participate in on-call rotation for security incidents across all platforms
- Support the implementation of cross-platform security strategies that address both traditional and blockchain-based threats
- Configure and operate SIEM deployments, including writing detection queries, integrating logging sources, and managing data retention to enhance threat detection capabilities
Qualifications:
- 3+ years of experience in IT Security, with some experience in a SOC environment
- Experience with security tool development, integration, or customization
- Knowledge of SOAR platforms and experience building automated security workflows
- Familiarity with machine learning or AI/LLM applications in cybersecurity
- Understanding of incident response practices and processes
- Experience with common security tools for detection and remediation in traditional networks
- Awareness of the cybersecurity landscape, including traditional threats, malware analysis, and threat intelligence
- Knowledge of security in cloud environments, including vulnerability management and protective monitoring
- Familiarity with security compliance, risk management, and main security standards (ISO 2700x, CIS, NIST, SOC 2)
- Strong troubleshooting and problem-solving skills across diverse technological environments
- Experience with containerized environments and their security implications (Docker/Kubernetes)
- Intermediate programming skills in Python/Bash/Go or equivalent for developing security tooling
- Good verbal and written English skills, with the ability to communicate security concepts clearly
Nice to have:
- Entry-level security certifications such as CompTIA Security+, SSCP, or blockchain-specific certifications
- Degree in Computer Science, Cybersecurity, or equivalent
- Experience with developing custom security tools or plugins
- Knowledge of API integration patterns for security tools
- Background in data science or experience with security analytics platforms
- Experience with prompt engineering for security-focused LLM applications
- Familiarity with blockchain forensics tools and techniques
- Basic understanding of regulatory frameworks affecting traditional finance and crypto assets
- Contributions to open-source security projects or blockchain protocols
- Basic knowledge of smart contract security or DeFi protocols