Figment is hiring a

Web3 Sr. Security Engineer

As a member of the Figment Security Management Team, you will be a Senior Security Engineer reporting to the Senior Director of Security.

You will utilize knowledge of security, blockchain and cryptocurrency in determining the security risk and available mitigations for crypto assets, blockchain and web 3 platforms as well as how to detect and respond to suspicious or malicious activity. You will be responsible for security reviews of crypto networks, incident identification and response support. You will support fellow security and platform engineers, and application developers with remediation recommendations and validation of corrective actions. Effectively translate highly technical information to internal customers in a way that supports CIS and broader Figment goals.

Responsibilities

• Identify, report, and advise on mitigation of security risks associated with crypto, web 3 and blockchain assets.
• Drive improvements for heavily technical and operational processes with multiple stakeholder dependencies.
• Document processes, procedures, and workflows for Blue Team operations.
• Coach security engineers and analysts to analyze blockchains, ERC-20 tokens, and other distributed ledger protocols for security concerns.
• Collaborate with cross functional partners to coordinate review, risk and remediation priorities.
• Identify and recommend ways to improve security team performance through automation, tooling, or process.
• You will be responsible for supporting the monitoring and scanning our blockchain and cryptocurrency exposed surface, reviewing internal and external (vms, Kubernetes ingresses websites, etc) for open vulnerabilities that can be exploited.
• Work with operations teams to implement best practices, remediation and mitigations.
• You will work with Devs to close vulnerabilities in their applications.
• Prepare strategies to protect high risk blockchain keys that have 100% online requirements.
• Communicate the importance of security to the wider organization in a clear and simple way.
• Be involved at the design stage to ensure security is considered from the beginning.
• Develop comprehensive and accurate reports and presentations for both technical and executive audiences.
• Effectively communicate findings and strategy to client stakeholders including technical staff, executive leadership, and legal counsel.
• Provide risk-appropriate and pragmatic recommendations tocorrect vulnerabilities found.
• Develop scripts, tools, or methodologies to enhanceFigment’sblue teaming processes.
• Provides leadership and guidance to advance the defensive capabilities of the team and its subsequent ability to defend the Figment Enterprise.
• Provide mentoring and training to Blue Team members. Lead, develop, and participate in cross team security exercises.
• In conjunction with Red Team Operators, conduct assessments for critical and zero-day vulnerabilities and develop mitigation plans when appropriate.
• Provide support and technical expertise to security and platform engineers, application developers in remediation efforts.
• Provide support and technical expertise during incident response and assist with post incident action plan creation.

Where you'll be working...

This role will be remote based

What we’re looking for...

You’ll need to have:

• Experience in versatile teams that have had to adapt to the changing needs of a business experiencing rapid growth
• You have experience in web 3 and blockchain technology and a solid foundation in security topics such as product security, application security, security operations, or third party security
• Expertise in risk identification, reporting and mitigation
• Expertise in providing hands-on technical guidance to the team of analysts
• You have experience or willingness to analyze software code for risk identification
• You have the unique ability to investigate a topic using white papers or blog posts
• Ability to design and improve procedures that solve problems in simple and scalable ways
• Ability to communicate with technical and non-technical stakeholders in order to drive alignment
• You have an energy and self-drive for continuous learning as blockchain and Web 3 is a constantly and rapidly changing space
• Willingness to learn and apply processes unique to the challenges at Figment
• Bachelor's degree or four or more years of work experience
• Experience in shell scripting or automation of simple tasks using Perl, Python, or Ruby.
• Experience with Red, Blue, or Purple teaming exercises.
• Strong knowledge of tools used for Blue Team operations including SIEM, vulnerability scanning, end point protection, Jira, firewalls, cloud security, forensics and incident response.
• Familiarity with Terraform, Ansible, AWS, Azure, Kubernetes and Git.
• Strong technical writing

Even better if you have:

• You would bring a diverse perspective to the team: for example, maybe you took an unconventional route to get into your current Security career
• A degree in a technical field.
• Smart contract auditing experience
• Pen testing experience
• Solid understanding of common hosting environments such a containerization platform (e.g., Docker and Kubernetes) and virtual machines running under hypervisors.
• Thorough understanding of network protocols/
• Mastery of Unix/Linux/Mac/Windows operating systems, including bash and Powershell.
• Industry certifications such as CISSP.
• Solid understanding of public cloud environments including AWS, Azure and Google.
• Understanding of security risks for block chain and crypto.

Apply Now: