Staff SOC/CSIRT Engineer

Founded in 2014, Ledger is a global platform specializing in digital assets and Web3 technology. With offices worldwide and a team of over 600 professionals, Ledger is dedicated to creating products and services that enable individuals and companies to securely engage with crypto assets.

Ledger embodies core values that include Pragmatism, Audacity, Commitment, Trust, and Transparency. The company is looking for a detail-oriented Staff SOC/CSIRT Engineer to join its Security Operations Center (SecOps) team. In this role, you will play a crucial part in safeguarding company assets against cyber threats across various environments.

Your responsibilities will revolve around conducting advanced security operations, optimizing security tools, and proactive threat detection. Key tasks include enhancing threat detection capabilities using Cyber Threat Intelligence (CTI) and Open Source Intelligence (OSINT), optimizing security toolsets, and leading threat-hunting initiatives.

Responsibilities:

• Advanced Incident Handling: Manage SOC Level 3 activities, including threat detection, incident response, and post-incident analysis through proactively identifying and mitigating risks.
• SIEM & SOAR Operations: Develop and maintain Sekoia (SIEM) and associated workflows to ensure efficient threat detection and response. Create advanced detection rules and automation workflows tailored to Ledger's operational environment.
• Threat Intelligence Integration: Utilize CTI feeds and OSINT tools to enrich security operations for improved incident response. Provide valuable insights to shape detection strategies.
• Cloud Security: Apply AWS security best practices for monitoring and securing cloud environments. Leverage tools like Wiz and CNAPP for identifying and mitigating cloud vulnerabilities proactively.
• Incident Response & Forensics: Lead technical investigations for high-priority incidents, perform root cause analysis, and recommend preventive measures. Employ advanced forensic tools and techniques to assess and respond to complex threats.
• Collaboration & Documentation: Collaborate with cross-functional teams to align operational practices with organizational goals. Develop comprehensive playbooks, detection rules, and technical runbooks for improved response efficiency.

Requirements:

• 9+ years of experience in security operations, specializing in SOC Level 3 activities and incident response.
• Proficiency in Sekoia (or similar SIEM tools), SOAR platforms, and CTI/OSINT methodologies.
• Strong knowledge of AWS security practices and cloud-native threat monitoring.
• Hands-on experience with tools such as Wiz, SentinelOne, and GitHub Actions for automation.
• Excellent problem-solving skills and ability to handle intricate security challenges.
• Effective communication skills and the ability to convey technical concepts to diverse teams.

Benefits:

• Stock options to share in the company's success.
• Flexible hybrid work policy.
• Annual company outings and social events.
• Comprehensive health insurance coverage.
• Personal development programs and fitness initiatives.
• Generous vacation policy with additional leave days.
• Access to high-performance office equipment and gadgets.
• Transportation reimbursement and employee discounts on products.

Ledger is an equal opportunity employer that values diversity and inclusion in all aspects of employment.