Senior Security Operations Engineer (f/m)

We are dedicated to democratizing access to digital assets, ensuring security for all. Join us as we champion this cause.

Founded in 2014, we are a prominent global platform specializing in digital assets and Web3 solutions. A significant portion of the world’s crypto assets are safeguarded by our Ledger Nanos. With our headquarters based in Paris and Vierzon, our reach extends to offices in various countries including the US, UK, Switzerland, and Singapore. The Ledger team consists of over 700 professionals committed to developing a range of products and services that facilitate the secure acquisition, storage, exchange, growth, and management of crypto assets. Our Ledger hardware wallets have seen substantial success, with over 7 million units sold across 200 countries.

At our core, we embody values that set us apart – pragmatism, audacity, commitment, trust, and transparency. Discover firsthand how our employees shape the essence of our work.

Role Overview

• As a Senior Threat Hunter & Automation Engineer, we are looking for an expert with substantial experience in dynamic, scale-up environments to bolster and optimize our security operations.
• In this position, you will primarily focus on enhancing security monitoring, detection, and response capabilities, with a special emphasis on refining detection logic within our SIEM (Sekoia). We seek a candidate with proficiency in securing SaaS platforms, Google Workspace, and IAM (e.g., OKTA) to contribute to enhancing the scalability and efficiency of our security tools and processes.
• This role demands hands-on technical expertise suited for individuals who excel in fast-paced environments, with a strong background in cloud and SaaS security.

Key Responsibilities

• Develop, implement, and refine detection rules within the SIEM (Sekoia) to enhance threat detection accuracy and minimize false positives. Collaborate with the Threat Intelligence team to integrate CTI (Cyber Threat Intelligence) seamlessly into detection workflows.
• Monitor and analyze security events utilizing Sekoia (SIEM) and SentinelOne (EDR), ensuring swift identification and mitigation of threats. Lead technical investigations and coordinate with stakeholders to effectively resolve security incidents.
• Manage and reinforce SaaS applications, specifically focusing on Google Workspace, to ensure configurations align with top-notch security practices.
• Administer and optimize IAM systems like OKTA, implementing robust access control policies and automating user lifecycle management.
• Enhance automation workflows utilizing tools like GitHub Actions to streamline detection and response processes.
• Identify, prioritize, and address vulnerabilities in cloud and SaaS environments using specialized tools like Wiz and SBOM registries.
• Collaborate closely with Engineering, Infrastructure, and GRC teams to harmonize security practices with organizational objectives. Offer technical guidance and support to team members to ensure compliance with industry best practices.
• Create and maintain playbooks, runbooks, and documentation for detection logic and incident response.

Qualifications

• Professional Experience: A minimum of 7 years in security operations, preferably within scale-up environments, emphasizing SaaS platforms and cloud infrastructure. Demonstrated hands-on experience in developing detection logic for SIEM tools such as Sekoia and Splunk.
• Technical Skills: Proficient in configuring and managing SIEM tools, specializing in custom detection logic and rule optimization. Expertise in EDR (e.g., SentinelOne), IAM systems (e.g., OKTA), SaaS security (e.g., Google Workspace), and sound knowledge of vulnerability management tools like Wiz and cloud security best practices.
• Soft Skills: Strong analytical capabilities for incident investigation and threat analysis are essential. Outstanding collaboration and communication skills to effectively work across diverse teams.

Benefits

• Working Schedule: Monday to Friday, standard working hours, hybrid work model (2 days in the office per week).
• Training: Access to training and hands-on experience in one of the most rapidly developing industries.
• Equity: Equity participation through stock options to share in the company's success and growth.
• Flexibility: Hybrid work policy in place.
• Medical: Comprehensive health insurance coverage including medical, dental, and vision care.
• Well-being: Personal development, coaching, and fitness services are available through our partners.
• Vacation: 20 days of paid leave annually.
• Retirement: Retirement plan options with an employer match.
• High-Tech Setup: Access to high-performance office equipment and gadgets, including Apple products.
• Transportation: Ledger provides reimbursement for a portion of your chosen transportation expenses.
• Employee Discounts: Enjoy employee discounts on all our products.

We are staunch supporters of diversity and equality, offering equal opportunities for all individuals regardless of gender, ethnicity, religion, sexual orientation, social status, disability, or age.