Security Architect, Cyber Defense

  • BlockFi
  • Remote (New York, NY, USA)
  • Nov 18, 2021
Full time Security & Privacy

Job Description

What is BlockFi?

BlockFi’s mission is to provide liquidity, transparency and efficiency to digital financial markets by creating products that meet the needs of consumers and corporations across the globe. We build bridges between traditional finance and digital markets that enable growth for all participants.

We’re a team of builders and strivers, proud to champion financial inclusivity and offer economic opportunities around the globe. We provide the same inclusivity to our team members. BlockFi is a place where diversity is celebrated, individuality is recognized, and every single team member is valued. We are changing the status quo to be the first financial company that people love, and we rely on our people to make it happen!

BlockFi is looking for a Security Architect to join our Cyber Defense team

About the Team:

At BlockFi, our Security Architect, works across the entire spectrum of technologies and products that power our business, protecting over $3B in value. 

This role is full-time remote, even after COVID. The Security Team is largely remote, working across timezones and prides itself on being solutions-focused. While facing incredibly complex threats in an ever-change security landscape, BlockFi has continued to thrive and needs the right tools built by passionate and energetic people.

About the Role:

As a Security Architect, you’ll be a part of a globally distributed Security team tackling challenging problems at scale. This role will directly impact work across our core functions: Cyber Defense, Red Team, AppSec and Fraud. You will be exposed to a wide range of security technologies protecting endpoint infrastructure, cloud infrastructure, modern cloud-based containerized applications, and Web applications/API’s.

Much of what we need, needs to be built and much of what we have needs to be refined. You will work across many teams including infrastructure, engineering, product, and across multiple streams. We’re looking for someone that has deep technical expertise and experience in threat detection, conducting incident root cause analysis, building threat detection alerts and automating responses. 

Responsibilities

  • Own and strengthen BlockFi “Security as Code” preventive, detective, and reactive controls.
  • Partner with Engineering teams, AppSec, Security Architecture in project and development activities to ensure threat detection capabilities are identified and are being embedded through the SDLC.
  • ​​Leverage APIs across enterprise technology, SaaS/IaaS/PaaS and business applications to create new sources of telemetry signals for threat Detection and Response.
  • Identify opportunities for automating and codifying internal incident response processes.
  • Evaluate the security properties and risks of 3rd-party systems and services that we would integrate into our enterprise environment; provide advice and support for secure implementation.
  • Design, advocate, and help build secure-by-default infrastructure guardrail that closes off entire classes of security problems.
  • Build integrations for our security event monitoring platform to develop mechanisms to detect and respond to known attacker methodology.
  • Operationalize and evolve a "zero trust" security architecture that spans each layer of BlockFi technology stack.
  • Demonstrate leadership by teaching, mentoring, growing security engineering expertise, and setting technical direction and priorities within the Cyber Defense team.

Your Expertise

  • 5+ years of experience in a Senior Security role - (ie Cyber Defense, Incident Response, Security Architecture, Cloud Security, AppSec or other related disciplines.)
  • Extensive experience and strong understanding of AWS services and cloud security controls including but not limited to such as IAM, KMS, VPC, Security Groups, AWS Inspector, Guard Duty and SCPs
  • Hands-on experience with a diverse range of cloud security technologies, including identity and access management (IAM), web application firewalls, distributed denial of service (DDoS) mitigation, encryption technologies, security information and event management (SIEM), threat and vulnerability management, infrastructure as code (IaC), containerization.
  • Broad security-related domain knowledge with authentication and authorization, identity and access management, data protection, OAuth/Open ID connect, Web security.
  • Working knowledge of one or more general purpose programming/script languages including but not limited to: Java, C/C++, C#, Python, JavaScript, PowerShell
  • Understanding of Content Delivery Network (CDN) configuration, maintenance and best practices (CloudFlare or similar)
  • Experience with maintaining, tuning, and extracting additional value from log aggregation platforms (Splunk or similar)
  • Comfortable performing Security reviews on proposed Product Architectures, and working with development teams to integrate Security best practices and monitoring capabilities as product features.
  • Good communication skills, and a willingness to train and mentor junior personnel
  • Able to work with both technical and business stakeholders to design solutions that bring optimal security benefits while accounting for business needs and timelines.

Your Perks

We benefit from the great work our employees do each day. That is why we are committed to providing a variety of awesome benefits to help them live their best lives.

  • Competitive salary because we value your experience and expertise
  • Unlimited vacation / sick days because everyone deserves time for R&R
  • Employer contribution towards health coverage (including vision & dental) because your physical health and well-being is important to us 
  • Various fringe benefits such as 401k, Parental Leave, FSA/HSA, and Employee Assistance Programs because health coverage is more than just choosing your yearly plan 
  • Flexible work environment because we are a geographically dispersed team and we believe in balance
  • Pet insurance because all of your beloved family members should have coverage too
  • Weekly lunch stipend because there is such a thing as a free lunch!
  • A close-knit team of enthusiastic, collegial and driven people to work alongside in a highly meritocratic environment because teamwork makes the dreamwork

Why BlockFi?

BlockFi has experienced incredible growth since our launch in August 2017. Our client base has grown to more than 225,000 (and counting), and the company now boasts more than $15 billion in assets on our platform. We recently completed a Series D funding round placing the company's valuation at $3 billion, and our team now has more than 500 people worldwide. We have established ourselves as a crypto market leader, and as we expand our product suite and geographic footprint, we expect our addressable market to grow exponentially.

BlockFi's leadership team has decades of experience in the traditional financial services and banking world, and we take a conservative approach to regulation that will position us well for sustainable long-term growth and expansion.

Our team is comprised of highly motivated professionals from diverse backgrounds. We are aiming to become the leading lender in crypto and are poised to redefine the global financial ecosystem for the better. In addition:

  • BlockFi is one of the first companies to ever offer crypto-backed loans and the only company whose founding team has an institutional understanding of the debt capital markets and regulatory landscape in the U.S.
  • $100 MM of Series A, B, and C funding led by Valar Ventures with participation from Susquehanna, Winklevoss Capital, Fidelity, Galaxy Digital, Akuna Capital, and Morgan Creek
  • $350 MM of Series D funding led by Bain Capital Ventures, partners of DST Global, Pomp Investments and Tiger Global
  • We are moving quickly and have already deployed substantial capital into the space, proving our ability to execute and capture customer demand

For information about how we collect, use, or otherwise handle your Personal Information, please see our Privacy Policy.