Principal Security Engineer - Detection & Response

About Us

Immutable is a global technology company immersed in the world of NFTs on Ethereum. Our aim is to establish the premier ecosystem for NFTs, fostering user empowerment and rewards. With origins dating back to 2018, Immutable stands as one of the quickest Australian businesses to achieve unicorn status, having secured over AUD $300M+ and holding a valuation of AUD $3.5 billion.

The Immutable Group presently comprises the Immutable Platform, the favored developer platform for constructing and expanding web3 games on Ethereum, and Immutable Games, a major player in web3 game creation and publishing, boasting popular titles such as Gods Unchained and Guild of Guardians.

We envision the realization of digital worlds; thus, we have ambitious global growth initiatives in place as we endeavor to ascend to the top rank as the number one NFT ecosystem.

Come be a part of our pioneering endeavors!

About The Role

At Immutable, our mission is to drive the next wave of web3 games. Transitioning the next million users to web3 necessitates products that guarantee universally safe usage.

The Immutable security team plays a pivotal role in ensuring the organization possesses the knowledge, tools, and determination vital for building trust.

Staying abreast of adversaries, comprehending their methods, and deploying effective mitigating controls and detections to deter them are all key facets of our security strategy. It is imperative to discern attack routes, evaluate the probability of these paths, and weigh the costs implicated in implementing controls and detections. By escalating the costs for potential attackers and decreasing our own expenses, we fortify our defenses.

Detecting and responding are intertwined, requiring robust detections like code-driven automated playbooks to furnish insightful data for human decision-making or machine/model evaluation.

To enhance this cyclical process linking adversary behavior, attack charts, mitigating controls, detections, and response playbooks, we need to streamline procedures while maintaining cost-efficiency. Responding to adversary behavior and simulations empowers us to enhance the effectiveness of our controls and detections. This progression involves Immutable simulating adversary conduct via code, allowing validation of our detection mechanisms.

We recruit top talents and furnish them with premier toolkits. From the security platform to web2 and web3 intelligence, successful candidates can acquire and react to high-fidelity signals effectively. Try your hand if this resonates with you!

You’ll Be Empowered To

• Focus on detection engineering and translating detections (and playbooks) to code.
• Undertake in-depth assessments, intuitively placing preventative controls and detections targeted at specific challenges.
• Direct the full cycle from detection to automated or semi-automated response through playbooks.
• Capitalize on remarkable platforms and tools secured by Immutable to maintain agility and make a tangible impact.
• Engage in refining attack graphs (non-linear threat models) aimed at prioritizing critical detections guarding Immutable’s invaluable assets.
• Streamline processes, automate repetitive tasks, and allocate sufficient time to tackle pertinent security issues within Immutable.
• Take charge in automating detection and response playbooks through code and AI.
• Drive impact on a daily basis, fostering a positive momentum loop that expedites delivery of outcomes and influence.
• Operate with substantial autonomy and responsibility, steering the roadmap that blends enterprise IT, detection, response dynamics, and identity/access management.

We'd Love You To Bring

• Proven expertise in prioritizing actions based on security efficacy and their impact (time/cost) on the organization.
• Proficiency in charting a technical strategy, factoring in transitional phases and discerning the opportune moments for change.
• Prompt transition from technical strategy to actionable steps aligned with factors like cost and complexity.
• Advanced understanding of defensive security and blue teams through empirical knowledge rather than trends or unwarranted fear, with a keen sense of the requisite tools and platforms for effectiveness.
• Ability to identify quality standards based on prior success stories or hands-on experience.
• Eagerness to integrate AI and sophisticated tooling into your security framework.
• Comfort with operating in compact teams delivering exceptional results - versed in leading focused teams featuring sophisticated tooling and AI.
• Unmatched intuition enabling pinpoint accuracy or close predictions frequently.
• Proficiency in crafting, deploying, and monitoring security metrics reflecting the current or desired business security status.
• Demonstrated results-oriented aptitude coupled with a focus on executing initiatives effectively.
• Natural pragmatism in adapting best practices commensurate with business requirements.
• Strong interpersonal skills, capable of communicating empathetically and steering other teams effectively.
• Prior experience in a swiftly expanding tech environment.
• Interest in Blockchain beneficial but not mandatory.

We are proud of the benefits that we offer for all of our employees globally. Here is a snapshot:

Attracting the best global talent:

We guarantee globally competitive remuneration and stock options reflecting our products' prosperity. Additional benefits include Medical and 401K Insurance for our US personnel

We offer versatile work setups, alongside a stunning head office in Sydney and remote office hubs worldwide through a WeWork all-access pass

We provide a USD $500 WFH allowance for setting up your home office, as well as USD $600 annually toward internet and phone expenses

Levelling up your growth

We earmark up to USD $1,350 yearly for classes, courses, or events aimed at nurturing your personal and professional development

Access to complimentary online courses on Udemy

Helping you thrive

Health and wellness allowance of USD $800 annually

Round-the-clock access to unlimited counseling services for you and your family via our EAP Service

Monthly subsidy and reduced rates via ClassPass, which includes a free 1-year membership to Breethe

Leave when you need it the most:

New parents receive 12 weeks of paid leave in our gender-neutral policy, with an additional six weeks for the birthing parent for pre and post-birth rest and recovery. Miscarriage Leave and additional leave for IVF treatments are also available

Perks include two extra paid leave days annually at year-end and a paid day off on your birthday

Additional Information:

Immutable's commitment to cultivating an inclusive, diverse workplace underpins our belief in harnessing a spectrum of perspectives and experiences vital for our sustained success

We adhere to the 2024 Circle Back Initiative, pledging to acknowdlege and respond to all applicants

A note to recruitment agencies: As we have this role managed internally, unsolicited agency resumes are unnecessary. We do not entertain unsolicited resumes nor do we bear responsibility for any related fees.

Join us in shaping the future of web3 gaming!

*