Sr. Cloud Security Engineer (London or Copenhagen)
Our security team defends the products, data and systems that power Chainalysis. We are committed to building a diverse team of builders, breakers and shapers to address complex security problems in a novel, exciting space.
Chainalysis Cloud Security Engineers are good problem solvers, automaters, and collaborative in nature. We measure success by how you are able to level up and increase the maturity of the Chainalysis cloud security footprint throughout the development lifecycle.
In one year you’ll know you were successful if…
- You have built a framework and implemented tooling to continuously analyze the security profile of our cloud applications and infrastructure (i.e Guardrails around IAM, cloud misconfigurations and policy violations, terraform security modules) in an automated fashion enabling developers to deploy code securely.
- Have a deep understanding of our Cloud Security posture and footprint through logging, metrics, and tooling.
- Implemented preventative and corrective security automation in our DevOps pipeline making security out of the box a reality for new and upcoming deployments.
A background like this helps:
- Have integrating open source security tools into a DevOps pipeline (Terraform Linting, IAM Access Analysis, Cloud Security posture assessment)
- Worked with the AWS Security Suite of Tools (GuardDuty, SecurityHub, Control Tower, Firewall Manager, etc)
- Deploying and managing AWS Security with tens or hundreds of accounts, using AWS Organizations and Service Control Policies (SCPs)
- Implementing multi-account log aggregation, event management, threat hunting, and incident response
- Secrets management with tools like Hashicorp Vault, AWS Secrets Management, KMS, chamber, etc
- Developed custom Terraform modules or submitting pull-requests for Terraform security fixes
- Implementing, integrating, and maintaining AWS SSO (Okta, Ping, or Onelogin).
- Performing cloud architecture design reviews and threat modeling for new initiatives
- Using DevOps and CI/CD tooling and frameworks such as Jenkins, Ansible, CircleCI, TravisCI, etc
- Implementing and influencing a DevSecOps workflow for engineering teams
- Working in regulated environments (PCI, SOX, SOC 2, ISO 27K)
- A mindset of being part of the solution and solving problems.
At Chainalysis, we help government agencies, cryptocurrency businesses, and financial institutions track and investigate illicit activity on the blockchain, allowing them to engage confidently with cryptocurrency. We take care of our people with great benefits, professional development opportunities, and fun.
You belong here.
At Chainalysis, we believe that diversity of experience and thought makes us stronger. We encourage applicants across any race, ethnicity, gender/gender expression, age, religion, ability and experience. With both customers and employees around the world, we are committed to ensuring our team reflects the unique communities around us. We can’t wait to meet you!
Your application has been successfully submitted.