BlockFi is hiring a

Web3 Security Architect, Cyber Defense

BlockFi is looking for a Security Architect to join our Cyber Defense team

About the Team:

At BlockFi, our Security Architect, works across the entire spectrum of technologies and products that power our business, protecting over $3B in value.

This role is full-time remote, even after COVID. The Security Team is largely remote, working across timezones and prides itself on being solutions-focused. While facing incredibly complex threats in an ever-change security landscape, BlockFi has continued to thrive and needs the right tools built by passionate and energetic people.

About the Role:

As a Security Architect, you’ll be a part of a globally distributed Security team tackling challenging problems at scale. This role will directly impact work across our core functions: Cyber Defense, Red Team, AppSec and Fraud. You will be exposed to a wide range of security technologies protecting endpoint infrastructure, cloud infrastructure, modern cloud-based containerized applications, and Web applications/API’s.

Much of what we need, needs to be built and much of what we have needs to be refined. You will work across many teams including infrastructure, engineering, product, and across multiple streams. We’re looking for someone that has deep technical expertise and experience in threat detection, conducting incident root cause analysis, building threat detection alerts and automating responses.

Responsibilities

• Own and strengthen BlockFi “Security as Code” preventive, detective, and reactive controls.
• Partner with Engineering teams, AppSec, Security Architecture in project and development activities to ensure threat detection capabilities are identified and are being embedded through the SDLC.
• ​​Leverage APIs across enterprise technology, SaaS/IaaS/PaaS and business applications to create new sources of telemetry signals for threat Detection and Response.
• Identify opportunities for automating and codifying internal incident response processes.
• Evaluate the security properties and risks of 3rd-party systems and services that we would integrate into our enterprise environment; provide advice and support for secure implementation.
• Design, advocate, and help build secure-by-default infrastructure guardrail that closes off entire classes of security problems.
• Build integrations for our security event monitoring platform to develop mechanisms to detect and respond to known attacker methodology.
• Operationalize and evolve a "zero trust" security architecture that spans each layer of BlockFi technology stack.
• Demonstrate leadership by teaching, mentoring, growing security engineering expertise, and setting technical direction and priorities within the Cyber Defense team.

Your Expertise

• 5+ years of experience in a Senior Security role - (ie Cyber Defense, Incident Response, Security Architecture, Cloud Security, AppSec or other related disciplines.)
• Extensive experience and strong understanding of AWS services and cloud security controls including but not limited to such as IAM, KMS, VPC, Security Groups, AWS Inspector, Guard Duty and SCPs
• Hands-on experience with a diverse range of cloud security technologies, including identity and access management (IAM), web application firewalls, distributed denial of service (DDoS) mitigation, encryption technologies, security information and event management (SIEM), threat and vulnerability management, infrastructure as code (IaC), containerization.
• Broad security-related domain knowledge with authentication and authorization, identity and access management, data protection, OAuth/Open ID connect, Web security.
• Working knowledge of one or more general purpose programming/script languages including but not limited to: Java, C/C++, C#, Python, JavaScript, PowerShell
• Understanding of Content Delivery Network (CDN) configuration, maintenance and best practices (CloudFlare or similar)
• Experience with maintaining, tuning, and extracting additional value from log aggregation platforms (Splunk or similar)
• Comfortable performing Security reviews on proposed Product Architectures, and working with development teams to integrate Security best practices and monitoring capabilities as product features.
• Good communication skills, and a willingness to train and mentor junior personnel
• Able to work with both technical and business stakeholders to design solutions that bring optimal security benefits while accounting for business needs and timelines.

Your Perks

We benefit from the great work our employees do each day. That is why we are committed to providing a variety of awesome benefits to help them live their best lives.

• Competitive salary because we value your experience and expertise
• Unlimited vacation / sick days because everyone deserves time for R&R
• Employer contribution towards health coverage (including vision & dental) because your physical health and well-being is important to us
• Various fringe benefits such as 401k, Parental Leave, FSA/HSA, and Employee Assistance Programs because health coverage is more than just choosing your yearly plan
• Flexible work environment because we are a geographically dispersed team and we believe in balance
• Pet insurance because all of your beloved family members should have coverage too
• Weekly lunch stipend because there is such a thing as a free lunch!
• A close-knit team of enthusiastic, collegial and driven people to work alongside in a highly meritocratic environment because teamwork makes the dreamwork

Apply Now: