What is BlockFi?
BlockFi’s mission is to provide liquidity, transparency and efficiency to digital financial markets by creating products that meet the needs of consumers and corporations across the globe. We build bridges between traditional finance and digital markets that enable growth for all participants.
We’re a team of builders and strivers, proud to champion financial inclusivity and offer economic opportunities around the globe. We provide the same inclusivity to our team members. BlockFi is a place where diversity is celebrated, individuality is recognized, and every single team member is valued. We are changing the status quo to be the first financial company that people love, and we rely on our people to make it happen!
BlockFi is looking for a Senior Security Engineer to join our growing team!
About the Team:
At BlockFi, our Security Team works across the entire spectrum of technologies and products that power our business, protecting over $3B in value.
Depending on location this role can be full-time remote, The Security Team is largely remote, working across timezones and prides itself on being solutions-focused. While facing incredibly complex threats in an ever-change security landscape, BlockFi has continued to thrive and needs the right tools built by passionate and energetic people.
About the Role:
As a Senior Security Engineer you’ll be a part of a globally distributed Detection & Response Engineering (DRE) team tackling challenging problems at scale. You will play a key role leading the DRE function to advance our in-house threat detection and response capabilities, providing support to the cybersecurity program initiatives focusing on reducing our cyber risk exposure.
This role will directly impact work across the core cyber defense functions: security operations, incident response, threat intelligence, threat hunting, purple teaming. You will be exposed to a wide range of security technologies protecting endpoint infrastructure, cloud infrastructure, modern cloud-based containerized applications, and web applications/API’s.
The Senior Security Engineer is expected to have an equally wide range of security knowledge, hands-on experience and the ability to find and process new information in a logical way. You will work across many teams including infrastructure, engineering, product, and across multiple streams. We’re looking for someone that has deep technical expertise and experience in building and automating threat detection and response capabilities.
- Supports, assists and participates in the development, operation, and improvement of the cyber defense continuous monitoring program, threat detection, Security Information and Event Management (SIEM), and related tools and processes.
- Engineer threat hunt capabilities to identify threat actors by analyzing and researching the techniques, tools and processes used by threat actors.
- Engineer orchestration and automation technologies in the event analysis/ incident response process.
- Engineer war-gaming and tabletop activities as part of red/blue team exercise to strengthen and test playbook health, maturity, and relevant documentation.
- Participate and/or support major projects, including new initiatives, new products and/or features and integration to help drive security best practices.
- Provide guidance for implementing threat detection rules and event correlation to identify malicious, suspicious and anomalous activity using SIEM platforms.
- Work with different business verticals within the organization to identify security monitoring visibility blind spots and threat detection opportunities.
- Act as a third level escalation to Security Analysts (SOC Team). Mentoring team members on threat detection, incident analysis, incident response, security monitoring and other operational tasks to support and mature the Cyber Defense team.
- Over 5 years of proven, hands-on technical experience in any of the following functions: security operations, incident response, threat hunting, red teaming, threat intelligence at high-growth companies.
- History of increasingly technical roles responsible for responding to risk and threats as they are identified
- Knowledge and experience of one programming language
- Experience maintaining and managing commercial and/or proprietary security technologies. (SIEM,EDR,SOAR)
- Has a thorough knowledge of all aspects of incident response including identification, mitigation, detection, containment, resolution, and restoration to minimize loss and destruction to information technology systems assets and data
- Experience developing and maintaining security playbooks/runbooks
- Deep understanding of cloud infrastructure, implementation of security projects, and security engineering best practices as well as industry standards such as ISO and NIST
- Knowledge of cryptocurrencies, financial services, or blockchain technology are a plus - if you don’t have this, don’t worry, we can teach you if you’re willing to learn
- Demonstrated ability to continuously learn, work independently, and make decisions with minimal supervision
- Ability to work effectively in teams of technical and non-technical individuals, including peers in non-technical departments
- Have extreme attention to detail without sacrificing execution rigor
- Bias towards action and own tasks end-to-end
- Work through hurdles and tactfully navigate the organization driving towards the objective
- Be a doer that can get things done and unblock tasks while building deep organizational relationships along the way
- Be thoughtful and analytical - ask why and challenge preconceived notions
- Ability to work independently with minimal supervision
- Own the company’s problems like they are your own
- Obsessive drive and passion for security and building products people use
We benefit from the great work our employees do each day. That is why we are committed to providing a variety of awesome benefits to help them live their best lives.
- Competitive salary because we value your experience and expertise
- Unlimited vacation / sick days because everyone deserves time for R&R
- Employer contribution towards health coverage (including vision & dental) because your physical health and well-being is important to us
- Flexible work environment because we are a geographically dispersed team and we believe in balance
- Weekly lunch stipend because there is such a thing as a free lunch!
- A close-knit team of enthusiastic, collegial and driven people to work alongside in a highly meritocratic environment because teamwork makes the dreamwork
BlockFi has experienced incredible growth since our launch in August 2017. Our client base has grown to more than 225,000 (and counting), and the company now boasts more than $15 billion in assets on our platform. We recently completed a Series D funding round placing the company's valuation at $3 billion, and our team now has more than 500 people worldwide. We have established ourselves as a crypto market leader, and as we expand our product suite and geographic footprint, we expect our addressable market to grow exponentially.
BlockFi's leadership team has decades of experience in the traditional financial services and banking world, and we take a conservative approach to regulation that will position us well for sustainable long-term growth and expansion.
Our team is comprised of highly motivated professionals from diverse backgrounds. We are aiming to become the leading lender in crypto and are poised to redefine the global financial ecosystem for the better. In addition:
- BlockFi is one of the first companies to ever offer crypto-backed loans and the only company whose founding team has an institutional understanding of the debt capital markets and regulatory landscape in the U.S.
- $100 MM of Series A, B, and C funding led by Valar Ventures with participation from Susquehanna, Winklevoss Capital, Fidelity, Galaxy Digital, Akuna Capital, and Morgan Creek
- $350 MM of Series D funding led by Bain Capital Ventures, partners of DST Global, Pomp Investments and Tiger Global
- We are moving quickly and have already deployed substantial capital into the space, proving our ability to execute and capture customer demand