Web3 Jobs with 401(k) plan

BlockFi is looking for a Senior Manager of Cyber Defense to join our growing Cybersecurity team!

About the Team

At BlockFi, our Security Team works across the entire spectrum of technologies and products that power our business, protecting over $3B in value.

The Security Team is largely remote, working across timezones and prides itself on being solutions-focused. While facing incredibly complex threats in an ever-change security landscape, BlockFi has continued to thrive and needs the right tools built by passionate and energetic people.

Your Mission

As a Cyber Defense Manager you’ll be a part of a globally distributed team tackling challenging problems at scale. You will play a key role leading our global cyber defense team to advance our in-house threat detection and response capabilities, providing support to the cybersecurity program initiatives focusing on reducing our cyber risk exposure.

This role will directly impact work across the core cyber defense functions: security operations, incident response, threat intelligence, threat hunting, purple teaming and detection response & engineering. You will be exposed to a wide range of security technologies protecting endpoint infrastructure, cloud infrastructure, modern cloud-based containerized applications, and web applications/API’s.

The Cyber Defense Manager is expected to have an equally wide range of security knowledge, hands-on experience and the ability to find and process new information in a logical way while deriving accurate investigation conclusions across many technical domains.
This role is expected to be a technical leader and people leader, mentoring team members while partnering with other managers to put effective processes/security controls in place and maintain them across the organization.

Responsibilities:

This is a dynamic role, and your day-to-day will vary. Nevertheless, here are some themes that will persist:

• Play a significant role in long-term Cyber Defense strategy and planning, including initiatives geared toward operational excellence.
• Possess a deep and complex understanding of threat hunting methodologies and best practice, while actively maintaining up-to-date situational awareness and SME level understanding of emerging threats, intrusion trends and adversary tradecraft and TTP’s.
• Manage security detection and response engineers, with the goal of ensuring effective and consistent security posture; maintain and mature visibility requirements and standards, continuously improve Cyber Defense response capabilities utilizing automation and be accountable for all IR/investigations/forensics activities.
• Manage and mentor security analysts on risk management, information security controls, incident analysis, incident response, automation, SIEM monitoring and other operational tasks to support technologies managed by the Cyber Defense team.
• Mature and expand the DLP/Insider Threat program, including all operational activities and workflows to effectively protect sensitive data.
• Manage the design and implementation of orchestration and automation technologies in the event analysis/ incident response process. Ensuring detection and response services are fit for purpose and deliver expected outcomes to mitigate risk.
• Develop and administer Cyber Defense Tools/SOPs/processes and review their application to ensure that Cyber Defense controls, policies, and procedures are operating effectively.
• Provide management oversight for the identification, triage and response of events or incidents of apparent security breaches
• Manage and increase the effectiveness and efficiency of Cyber Defense, through improvements to each function (security operations, incident response, threat intelligence, threat hunting, purple teaming and detection response & engineering) as well as coordination and communication between support and business functions
• Ensuring the function is efficient in responding to confirmed cyber security incidents, by coordinating resources and directing use of timely and appropriate countermeasures.

Your Expertise

• Ability to work in a highly dynamic environment, within an extremely fast paced, high growth company.
• Proven leadership experience as a Manager of Cyber Defense or similar security leadership role, leading a geographically distributed security engineering team.
• Broad knowledge across all relevant facets of a holistic, modern cybersecurity program, including strong understanding of current and emerging trends and threats.
• Deep technical knowledge and experience in SOAR, SIEM, threat intelligence platforms, vulnerability assessment tools, Cloud platforms, EDR, Cyber threats and attack vectors, exploitation methods, IOC and TTP's, Infrastructure and Application security in a distributed environment.
• Strong communication skills and ability to outline security risks to senior leadership.
• Experience in managing relationships with technology senior stakeholders and presenting technical security reports with meaningful business context.
• Demonstrated experience in creating communication channels and operational processes with stakeholders, to effectively manage incident response, insider threat, or DLP violation scenarios.
• Knowledge of scripting and programming languages (e.g. Python, Java)
• Tertiary qualification in Information Technology, Engineering, Computer Science or equivalent experience
• Strong understanding of common best practices, frameworks and regulations (NIST 800-53, ISO 27001, FedRAMP, MITRE ATT&CK, CIS, etc).
• Desirable certification of at least one of the following: OSCP, GCIA, GPEN, GWAPT, GCIH, GSEC, CCNP, CISSP

Your Perks

We benefit from the great work our employees do each day. That is why we are committed to providing a variety of awesome benefits to help them live their best lives.

• Competitive salary because we value your experience and expertise
• Unlimited vacation / sick days because everyone deserves time for R&R
• Employer contribution towards health coverage (including vision & dental) because your physical health and well-being is important to us
• Various fringe benefits such as 401k, Parental Leave, FSA/HSA, and Employee Assistance Programs because health coverage is more than just choosing your yearly plan
• Flexible work environment because we are a geographically dispersed team and we believe in balance
• Pet insurance because all of your beloved family members should have coverage too
• Weekly lunch stipend because there is such a thing as a free lunch!
• A close-knit team of enthusiastic, collegial and driven people to work alongside in a highly meritocratic environment because teamwork makes the dreamwork