DEV Careers at Andreessen Horowitz (a16z)

Cybersecurity Engineer, Crypto

Founded in 2009 by Marc Andreessen and Ben Horowitz, Andreessen Horowitz (known as "a16z") is a venture capital firm in Silicon Valley, California, that backs bold entrepreneurs building the future through technology. We are stage agnostic: We invest in seed to late-stage technology companies, across the consumer, enterprise, bio/healthcare, crypto, and fintech spaces. a16z has $19.2B in assets under management across multiple funds, including the $1.4B Bio funds,the$3.1B Crypto funds, and theCultural Leadership Fund.

We’ve established a team that is defined by respect for the entrepreneur and the entrepreneurial company building process. We’ve invested in companies like Airbnb, Apeel, Coinbase, Figma, Freenome, Instacart, Lyft, Slack, and Stripe. Our team is at the forefront of new technology, helping entrepreneurs and their companies impact and change the world.

The Role

The Crypto Cybersecurity Engineer delivers effective and efficient intrusion detection, incident response, security intelligence, threat assessment, and vulnerability assessment services for a16z’s crypto funds. The mission is to play a leading role in a16z’s efforts to protect its operations, personnel and information systems against online threats and unauthorized use.

The Crypto Cybersecurity Engineer will help develop and drive a16z’s strategy for automated security detection and response capabilities. These services focus on understanding the evolving threat landscape--external and internal--through proactive threat research resulting in new and innovative ways to automate threat detection. This includes developing and improving automated content, tools, and processes that optimize efficiency and resources. This role will work in collaboration with Information Technology and Corporate Security to jointly investigate and manage the threat landscape. This role will oversee orchestration and integrating solutions for various workflows that aid in the incident detection and response process, as well as new technology detection.

To join our team, you should be excited to:

• Develop and nurture long-term relationships
• Lead on cybersecurity initiatives and collaborate with internal partners
• Understand and learn blockchain, DeFi and other crypto related technologies
• Run investigations that straddle cyber and physical threats, from the mundane to the exotic
• Provide security coaching, guidance and assistance to a16z executives and staff
• Establish a cybersecurity strategy and direction for the crypto team and identify the tactical plans required to accomplish the related vision / objectives.
• Execute projects and process improvements to identify potential opportunities, resolve constraints, and support business activities that constantly improve the firm's overall cybersecurity posture.
• Ability to adapt to a constantly evolving environment and generate effective and innovative solutions to address change.
• Assist in vendor onboarding and due diligence processes to ensure new technology vendors adhere to established compliance and cybersecurity baselines.
• Support existing security infrastructure and DFIR initiatives as well as scope, vet and deploy new security systems, policies and technology, e.g. SOAR tools.

Minimum Qualifications

• Bachelor's degree and 10+ years relevant experience
• Experience optimizing and securing blockchain applications by integrating new tools and technologies
• Must be willing to learn and keep up with current blockchain technologies and cryptography methods
• A minimum of five years of combined experience in any of the following areas: blockchain; DeFi; cloud security assessment and strategy; cloud compliance; solution architecture and design with emphasis on security, security operations and integration with cloud IaaS/PaaS/SaaS security platforms such as AWS, Google Cloud Platform and Microsoft Azure; IT risk management
• Excellent written and verbal communication, facilitation, leadership, business development, and presentation skills
• Expert knowledge of computer network defense and security architecture principles.
• Integration of innovative technology to improve data collection and analysis for strategic alignment with a security monitoring strategy.
• Knowledge of security orchestration and automation frameworks for the cloud to support incident response, security detection, vulnerability management, and risk assessment.
• Practical experience in building and supporting process automation (e.g., scripting skills).
• Knowledge and experience in leveraging security detection technologies such as SIEM, Big Data, and Machine Learning.
• Ability to analyze threat actor tactics, techniques, and procedures (TTPs), in order to instrument cyber threat indicators, and ongoing automation and engineering to support the detection lifecycle.
• Familiarity with application security and DevSecOps processes in order to further detection capabilities.
• Experience working with law enforcement in cybersecurity investigations is preferred