Cyber Defense Security Engineer - Detection & Response

  • BlockFi
  • Remote (Singapore)
  • Nov 18, 2021
Full time Engineering

Job Description

What is BlockFi?

BlockFi’s mission is to provide liquidity, transparency and efficiency to digital financial markets by creating products that meet the needs of consumers and corporations across the globe. We build bridges between traditional finance and digital markets that enable growth for all participants.

We’re a team of builders and strivers, proud to champion financial inclusivity and offer economic opportunities around the globe. We provide the same inclusivity to our team members. BlockFi is a place where diversity is celebrated, individuality is recognized, and every single team member is valued. We are changing the status quo to be the first financial company that people love, and we rely on our people to make it happen!

BlockFi is looking for a Security Engineer to join our growing team!

About the Team:

At BlockFi, our Security Team works across the entire spectrum of technologies and products that power our business, protecting over $3B in value. 

This role is full-time remote, even after COVID. The Security Team is largely remote, works across time zones and prides itself on being solutions-focused. While facing incredibly complex threats in an ever-changing security landscape, BlockFi has continued to thrive and needs the right tools built by passionate and energetic people.

About the Role:

As a Security Engineer in Cyber Defense you’ll be a part of a globally distributed Detection & Response Engineering team tackling challenging problems at scale. This role will directly impact work across our core functions: security operations, incident response, threat intelligence, threat hunting, red team, and fraud and risk. You will be exposed to a wide range of security technologies protecting endpoint infrastructure, cloud infrastructure, modern cloud-based containerized applications, and web applications/APIs.

Much of what we need has yet to be built, and much of what we have needs to be refined. You will work across many teams including infrastructure, engineering, product, and across multiple streams. We’re looking for someone who has deep technical expertise and experience in threat detection, conducting incident root cause analysis, building threat detection alerts and automating responses.

Your Mission

  • Support, assist and participate in the development, operation, and improvement of the cyber defense continuous monitoring program, threat detection, Security Information and Event Management (SIEM), and related tools and processes.
  • Engineer threat hunt capabilities to identify threat actors by analyzing and researching the techniques, tools and processes used by threat actors.
  • Engineer orchestration and automation technologies in the event analysis/incident response process.
  • Engineer war-gaming and tabletop activities as part of red/blue team exercises to strengthen and test playbook health, maturity, and relevant documentation.
  • Participate in and/or support major projects, including new initiatives, new products and/or features and integration to help drive security best practices.
  • Provide guidance for implementing threat detection rules and event correlation to identify malicious, suspicious and anomalous activity using SIEM platforms.
  • Work with different business verticals within the organization to identify security monitoring visibility blind spots and threat detection opportunities.
  • Act as a third-level escalation point for Security Analysts (SOC Team). Mentor team members on threat detection, incident analysis, incident response, security monitoring and other operational tasks to support and mature the Cyber Defense team.
  • Knowledge of cryptocurrencies, financial services, or blockchain technology is a plus. If you don’t have this, don’t worry: we can teach you if you’re willing to learn.

Your Expertise

  • Proven, hands-on technical experience in any of the following functions: security operations, incident response, threat hunting, red teaming, threat intelligence at high-growth companies.
  • History of increasingly technical roles responsible for responding to risk and threats as they are identified
  • Knowledge and experience of one programming language
  • Experience maintaining and managing commercial and/or proprietary security technologies (SIEM, EDR, SOAR)
  • Thorough knowledge of all aspects of incident response including identification, mitigation, detection, containment, resolution, and restoration to minimize loss and destruction to information technology systems assets and data
  • Experience developing and maintaining security playbooks/runbooks
  • Deep understanding of cloud infrastructure, implementation of security projects, and security engineering best practices as well as industry standards such as ISO and NIST
  • Demonstrated ability to continuously learn, work independently, and make decisions with minimal supervision
  • Ability to work effectively in teams of technical and non-technical individuals, including peers in non-technical departments
  • Have extreme attention to detail without sacrificing execution rigor
  • Bias towards action and own tasks end-to-end
  • Work through hurdles and tactfully navigate the organization driving towards the objective
  • Be a doer that can get things done and unblock tasks while building deep organizational relationships along the way
  • Be thoughtful and analytical - ask why and challenge preconceived notions
  • Ability to work independently with minimal supervision
  • Own the company’s problems like they are your own
  • Obsessive drive and passion for security and building products people use

Why BlockFi?

BlockFi has experienced incredible growth since our launch in August 2017. Our client base has grown to more than 225,000 (and counting), and the company now boasts more than $15 billion in assets on our platform. We recently completed a Series D funding round placing the company's valuation at $3 billion, and our team now has more than 500 people worldwide. We have established ourselves as a crypto market leader, and as we expand our product suite and geographic footprint, we expect our addressable market to grow exponentially.

BlockFi's leadership team has decades of experience in the traditional financial services and banking world, and we take a conservative approach to regulation that will position us well for sustainable long-term growth and expansion.

Our team is comprised of highly motivated professionals from diverse backgrounds. We are aiming to become the leading lender in crypto and are poised to redefine the global financial ecosystem for the better. In addition:

  • BlockFi is one of the first companies to ever offer crypto-backed loans and the only company whose founding team has an institutional understanding of the debt capital markets and regulatory landscape in the U.S.
  • $100 MM of Series A, B, and C funding led by Valar Ventures with participation from Susquehanna, Winklevoss Capital, Fidelity, Galaxy Digital, Akuna Capital, and Morgan Creek
  • $350 MM of Series D funding led by Bain Capital Ventures, partners of DST Global, Pomp Investments and Tiger Global
  • We are moving quickly and have already deployed substantial capital into the space, proving our ability to execute and capture customer demand