Senior Security Engineer, Cyber Defense

BlockFi is looking for a Senior Security Engineer to join our growing team!

About the Team:

At BlockFi, our Security Team works across the entire spectrum of technologies and products that power our business, protecting over $3B in value. 

Depending on location this role can be full-time remote, The Security Team is largely remote, working across timezones and prides itself on being solutions-focused. While facing incredibly complex threats in an ever-change security landscape, BlockFi has continued to thrive and needs the right tools built by passionate and energetic people.

About the Role:

As a Senior Security Engineer you’ll be a part of a globally distributed Detection & Response Engineering (DRE) team tackling challenging problems at scale. You will play a key role leading the DRE function to advance our in-house threat detection and response capabilities, providing support to the cybersecurity program initiatives focusing on reducing our cyber risk exposure.

This role will directly impact work across the core cyber defense functions: security operations, incident response, threat intelligence, threat hunting, purple teaming. You will be exposed to a wide range of security technologies protecting endpoint infrastructure, cloud infrastructure, modern cloud-based containerized applications, and web applications/API’s.

The Senior Security Engineer is expected to have an equally wide range of security knowledge, hands-on experience and the ability to find and process new information in a logical way. You will work across many teams including infrastructure, engineering, product, and across multiple streams. We’re looking for someone that has deep technical expertise and experience in building and automating threat detection and response capabilities.

Your Mission

• Supports, assists and participates in the development, operation, and improvement of the cyber defense continuous monitoring program, threat detection, Security Information and Event Management (SIEM), and related tools and processes.
• Engineer threat hunt capabilities to identify threat actors by analyzing and researching the techniques, tools and processes used by threat actors.
• Engineer orchestration and automation technologies in the event analysis/ incident response process.
• Engineer war-gaming and tabletop activities as part of red/blue team exercise to strengthen and test playbook health, maturity, and relevant documentation.
• Participate and/or support major projects, including new initiatives, new products and/or features and integration to help drive security best practices. 
• Provide guidance for implementing threat detection rules and event correlation to identify malicious, suspicious and anomalous activity using SIEM platforms.
• Work with different business verticals within the organization to identify security monitoring visibility blind spots and threat detection opportunities.
• Act as a third level escalation to Security Analysts (SOC Team). Mentoring team members on threat detection, incident analysis, incident response, security monitoring and other operational tasks to support and mature the Cyber Defense team. 

Your Expertise

• Over 5 years of proven, hands-on technical experience in any of the following functions: security operations, incident response, threat hunting, red teaming, threat intelligence at high-growth companies.
• History of increasingly technical roles responsible for responding to risk and threats as they are identified
• Knowledge and experience of one programming language
• Experience maintaining and managing commercial and/or proprietary security technologies. (SIEM,EDR,SOAR)
• Has a thorough knowledge of all aspects of incident response including identification, mitigation, detection, containment, resolution, and restoration to minimize loss and destruction to information technology systems assets and data
• Experience developing and maintaining security playbooks/runbooks
• Deep understanding of cloud infrastructure, implementation of security projects, and security engineering best practices as well as industry standards such as ISO and NIST
• Knowledge of cryptocurrencies, financial services, or blockchain technology are a plus - if you don’t have this, don’t worry, we can teach you if you’re willing to learn
• Demonstrated ability to continuously learn, work independently, and make decisions with minimal supervision
• Ability to work effectively in teams of technical and non-technical individuals, including peers in non-technical departments
• Have extreme attention to detail without sacrificing execution rigor
• Bias towards action and own tasks end-to-end
• Work through hurdles and tactfully navigate the organization driving towards the objective
• Be a doer that can get things done and unblock tasks while building deep organizational relationships along the way
• Be thoughtful and analytical - ask why and challenge preconceived notions
• Ability to work independently with minimal supervision
• Own the company’s problems like they are your own
• Obsessive drive and passion for security and building products people use

Your Perks

We benefit from the great work our employees do each day. That is why we are committed to providing a variety of awesome benefits to help them live their best lives.

• Competitive salary because we value your experience and expertise
• Unlimited vacation / sick days because everyone deserves time for R&R
• Employer contribution towards health coverage (including vision & dental) because your physical health and well-being is important to us 
• Flexible work environment because we are a geographically dispersed team and we believe in balance
• Weekly lunch stipend because there is such a thing as a free lunch! 
• A close-knit team of enthusiastic, collegial and driven people to work alongside in a highly meritocratic environment because teamwork makes the dreamwork