Security Operations Engineer (f/m)

We are focused on democratizing the world of digital assets, ensuring accessibility and security for all individuals. This is where you fit in.

Established in 2014, Ledger serves as the global platform for Web3 and digital assets, safeguarding over 25% of the world’s crypto assets through Ledger Nanos. With headquarters in Paris and Vierzon, as well as offices in various countries such as the UK, US, Switzerland, and Singapore, Ledger is supported by a team of more than 700 professionals. Their efforts are dedicated to providing products and services that allow individuals and businesses to securely purchase, store, exchange, expand, and supervise crypto assets. This includes the line of Ledger hardware wallets, of which more than 7 million units have been sold across 200 countries.

At Ledger, we uphold core values that distinguish us: Pragmatism, Audacity, Commitment, Trust, and Transparency. Our team implements these values in every aspect of our work.

Your Role

Creating a presence as a Security Operations Engineer, Ledger seeks an individual experienced in scale-up environments, with a keen interest in Web3 and blockchain security. Your key responsibilities will revolve around identifying and mitigating threats across Ledger's infrastructure, managing SaaS security tools, and conducting strategic threat-hunting activities. While some collaboration may occur with the Donjon Team regarding blockchain-related risks, the primary focus will be operational security inclusive of threat detection, automation, and incident response. This opportunity presents a chance to secure a rapidly evolving SaaS environment, while also engaging with cutting-edge Web3 technologies.

Primary Responsibilities:

• Security Monitoring & Incident Response: Monitor and interpret security alerts, functioning with tools like Sekoia (SIEM) and SentinelOne (EDR) to neutralize threats effectively. Develop and enhance detection systems using IOCs to optimize threat visibility. Lead incident response efforts to swiftly contain and resolve threats.
• Threat Hunting: Actively seek out threats across SaaS and cloud surroundings to pinpoint malicious activities or APTs. Integrate CTI and OSINT into threat-hunting strategies for predicting and mitigating potential risks.
• SaaS and IAM Security: Oversee and fortify SaaS applications, such as Google Workspace, alongside implementing top-tier IAM system practices like OKTA. Strengthen access controls, monitor user activities, and minimize IAM-related security vulnerabilities.
• Blockchain Collaboration: Partner with the Donjon Team to provide operational support for blockchain-related concerns, incorporating relevant detection systems into SIEM and responding to blockchain-specific incidents, in addition to focusing on your primary responsibilities.
• Automation and Efficiency: Introduce security automation mechanisms employing tools such as GitHub Actions to refine detection, triage, and response workflows.
• Vulnerability Management: Prioritize and track vulnerabilities via tools like Wiz and SBOM repositories, ensuring prompt resolution throughout SaaS and cloud domains.
• Collaboration & Documentation: Engage with Threat Intelligence, Engineering, and Product Security teams to align and enhance security protocols. Create documentation including playbooks, detection rules, and methodologies for optimum operational efficacy and knowledge dispersion.

Qualifications:

• Experience: A minimum of 3 years in security operations, particularly within scale-up settings. Knowledge of Web3 and blockchain security is crucial, with an understanding that working on blockchain-specific risks may involve collaboration with the Donjon Team.
• Technical Skills: Proficiency in SIEM tools (e.g., Sekoia) and the development of detection logic is essential. Skill set extends to EDR platforms like SentinelOne, and familiarity with threat-hunting strategies such as IOC management. Profound expertise in SaaS security tools (e.g., Google Workspace) and IAM systems (e.g., OKTA). Experience with vulnerability management tools (Wiz) and cloud security fundamentals.
• Soft Skills: Demonstrated analytical and problem-solving skills alongside a proactive approach to security issues. Clear and effective communication abilities, conducive to collaborating with cross-functional teams. An eagerness for continuous learning and knowledge sharing.

Benefits Package:

• Equity: Receive stock options enabling you to partake in our growth and success.
• Flexibility: Enjoy the perks of a hybrid work policy.
• Social: Engage in our annual company events as well as frequent social gatherings, snack provisions, and beverages.
• Medical: Avail comprehensive health insurance offering extensive coverage for medical, dental, and vision care.
• Well-being: Access personal development opportunities, coaching sessions, and fitness benefits through our designated partners.
• Vacation: Generous paid leave, providing five weeks per year in addition to national holidays and RTT days.
• High-tech: Gain access to high-performance office equipment and gadgets, including Apple products.
• Transport: Be reimbursed for part of your preferred mode of transport.
• Discounts: Enjoy employee discounts on all our products.

We are committed to promoting a diverse and inclusive work environment, showing no bias based on gender, ethnicity, religion, sexual orientation, social status, disability, or age.