Lead Security Engineer
New York, NY, USA
Our security team defends the products, data and systems that power Chainalysis. We are committed to building a diverse team of builders, breakers and shapers to address complex security problems in a novel, exciting space.
This Lead Security Engineer is really good at seeing opportunities for improvement and prioritizing our teams’ needs.You’ll be in charge of designing, architecting, and driving security posture changes for Chainalysis and your success is measured by just how hard life becomes for our adversaries thanks to your efforts.
In one year you’ll know you were successful if…
- You have improved security across all aspects of our Infrastructure by tightening and configuring relevant AWS and other hosted data center systems, services and features.
- You have initiated a program to automate detection of vulnerabilities, evaluate and partner with infrastructure to deploy critical patches/fixes to production systems.
- You have led an effort to conduct external penetration testing for our key products and applications to identify critical vulnerabilities and partnered with our engineering team to drive remediation.
- The team has begun to implement processes to enhance security incident response and investigative processes
- Security architecture reviews have been provided for key third party software used within our products to identify potential unidentified vulnerabilities which may negatively impact the security of our products.
A background like this helps:
- Strong experience with AWS Security (Logging, Key Management, Detection, and Correction) and Terraform automation in a multi-account environment
- Experience with Kubernetes and container security
- Consultative approach towards security with the ability to guide and educate developers on security best practices.
- Experience with application security , threat modeling, and integrating security tooling (open source or commercial) into a CI/CD pipeline
- Industry experience in security operations, incident response and managing security incidents
- The ability to operate in ambiguous situations and be flexible as the organization changes and grows.
- Previous experience meeting industry standard compliance regulations (SOC2, ISO, SOX, etc.)
At Chainalysis, we help government agencies, cryptocurrency businesses, and financial institutions track and investigate illicit activity on the blockchain, allowing them to engage confidently with cryptocurrency. We take care of our people with great benefits, professional development opportunities, and fun.
You belong here
At Chainalysis, we believe that diversity of experience and thought makes us stronger. With both customers and employees around the world, we are committed to ensuring our team reflects the unique communities around us. Some of the ways we’re ensuring we keep learning are an internal Diversity Committee, Days of Reflection throughout the year including International Women’s Day, Juneteenth, Harvey Milk Day, and International Migrant’s Day, and a commitment to continue revisiting and reevaluating our diversity culture.
We encourage applicants across any race, ethnicity, gender/gender expression, age, religion, ability, experience, and more. We can’t wait to meet you.
Your application has been successfully submitted.