BlockFi is hiring a

Web3 Cyber Defense Security Engineer - Detection & Response

BlockFi is looking for a Security Engineer to join our growing team!

About the Team:

At BlockFi, our Security Team works across the entire spectrum of technologies and products that power our business, protecting over $3B in value.

This role is full-time remote, even after COVID. The Security Team is largely remote, working across timezones and prides itself on being solutions-focused. While facing incredibly complex threats in an ever-change security landscape, BlockFi has continued to thrive and needs the right tools built by passionate and energetic people.

About the Role:

As a Security Engineer in Cyber Defense you’ll be a part of a globally distributed Detection & Response Engineering team tackling challenging problems at scale. This role will directly impact work across our core functions: security operations, incident response, threat intelligence, threat hunting, red team, and fraud and risk. You will be exposed to a wide range of security technologies protecting endpoint infrastructure, cloud infrastructure, modern cloud-based containerized applications, and Web applications/API’s.

Much of what we need, needs to be built and much of what we have needs to be refined. You will work across many teams including infrastructure, engineering, product, and across multiple streams. We’re looking for someone that has deep technical expertise and experience in threat detection, conducting incident root cause analysis, building threat detection alerts and automating responses.

Your Mission

• Supports, Assists and participates in the development, operation, and improvement of the cyber defense continuous monitoring program, threat detection, Security Information and Event Management (SIEM), and related tools and processes.
• Engineer threat hunt capabilities to identify threat actors by analyzing and researching the techniques, tools and processes used by threat actors.
• Engineer orchestration and automation technologies in the event analysis/ incident response process.
• Engineer war-gaming and tabletop activities as part of red/blue team exercise to strengthen and test playbook health, maturity, and relevant documentation.
• Participate and/or support major projects, including new initiatives, new products and/or features and integration to help drive security best practices.
• Provide guidance for implementing threat detection rules and event correlation to identify malicious, suspicious and anomalous activity using SIEM platforms.
• Work with different business verticals within the organization to identify security monitoring visibility blind spots and threat detection opportunities.
• Act as a third level escalation to Security Analysts (SOC Team). Mentoring team members on threat detection, incident analysis, incident response, security monitoring and other operational tasks to support and mature the Cyber Defense team.
• Knowledge of cryptocurrencies, financial services, or blockchain technology are a plus - if you don’t have this, don’t worry, we can teach you if you’re willing to learn

Your Expertise

• Proven, hands-on technical experience in any of the following functions: security operations, incident response, threat hunting, red teaming, threat intelligence at high-growth companies.
• History of increasingly technical roles responsible for responding to risk and threats as they are identified
• Knowledge and experience of one programming language
• Experience maintaining and managing commercial and/or proprietary security technologies. (SIEM,EDR,SOAR)
• Has a thorough knowledge of all aspects of incident response including identification, mitigation, detection, containment, resolution, and restoration to minimize loss and destruction to information technology systems assets and data
• Experience developing and maintaining security playbooks/runbooks
• Deep understanding of cloud infrastructure, implementation of security projects, and security engineering best practices as well as industry standards such as ISO and NIST
• Demonstrated ability to continuously learn, work independently, and make decisions with minimal supervision
• Ability to work effectively in teams of technical and non-technical individuals, including peers in non-technical departments
• Have extreme attention to detail without sacrificing execution rigor
• Bias towards action and own tasks end-to-end
• Work through hurdles and tactfully navigate the organization driving towards the objective
• Be a doer that can get things done and unblock tasks while building deep organizational relationships along the way
• Be thoughtful and analytical - ask why and challenge preconceived notions
• Ability to work independently with minimal supervision
• Own the company’s problems like they are your own
• Obsessive drive and passion for security and building products people use

Apply Now: