Security Engineer
Remote
Applications have closed
Figment
The complete staking solution for 250+ institutional clients to earn rewards on their digital assets.At Figment, our mission is to create an Internet that is truly decentralized where users can freely interact, share, collaborate, and exchange goods and services in a trustless environment. We offer staking, middleware, and application layer solutions for token holders and developers investing in and building on Web 3 technologies. Together, we can build a better Internet.
As a member of the Figment Security Management Team, you will be responsible for planning, design, testing, implementation, and maintenance of security systems that monitor and protect the organization from vulnerabilities and threats. Successful applicants must be capable of evaluating systems, applications, and processes to identify common vulnerabilities and weaknesses and work with other departments to provide mitigation strategies.
You will utilize knowledge of security of operating systems, networking and protocols, firewalls, databases and middleware applications, forensics, scripting, and programming to actively monitor, scan and detect vulnerabilities, risks, exposures and intrusions and effectively translate highly technical information to internal customers in a way that supports CIS and broader Figment goals. You will support fellow security and platform engineers, and application developers with remediation recommendations and validation of corrective actions.
What you'll be doing...
- Deploy and maintain security tooling at Figment. (AV/EDR. IDS/IPS, DLP, Logging & Monitoring)
- Document processes, procedures, and workflows for Blue Team operations.
- Partner with engineers to remediate vulnerabilities found in applications and infrastructure.
- Partner with engineers to identify security gaps and integrate security into the software development lifecycle.
- Solid experience in secure coding, cryptography, vulnerability assessment, static and dynamic application security testing.
- Familiarity with encryption fundamentals: PKI, Encryption, Digital Signatures, & Key Management.
- Strong in one or more multi-platform Object-Oriented programming skills e.g., C, C++, Java.
- Perform scheduled technical security exercises, security assessments, and code audits.
- Familiarity with managing infrastructure configuration through infrastructure-as-code principles
- Prepare strategies to protect high risk blockchain keys that have 100% online requirements.
- Communicate the importance of security to the wider organization in a clear and simple way.
- Develop scripts, tools, or methodologies to enhance Figment’s blue teaming processes.
Where you'll be working...
This role will be remote based
What we’re looking for...
You’ll need to have:
- Bachelor's degree or four or more years of work experience
- Strong technical background and understanding in the areas of Enterprise Infrastructure, Information Security and Automation tools e.g., Terraform, Ansible, Chef, Puppet
- Working knowledge of Cloud Provider security architecture design patterns (AWS, CloudFoundry, Azure etc.)
- Experience in building and maintaining security systems
- Experience with OWASP, static/dynamic analysis, and common security tools.
- Experience in shell scripting or automation of simple tasks using Perl, Python, or Ruby.
- Experience with Red, Blue, or Purple teaming exercises.
- Strong knowledge of tools used for Blue Team operations including SIEM, endpoint protection, network detection, vulnerability scanning, cloud security, forensics and incident response.
- Strong technical writing and communication skills
Even better if you have…
- A degree in a technical field.
- Software Engineering experience
- Solid understanding of public cloud environments including AWS, Azure and GCP.
- Solid understanding of TCP/IP with the ability to perform protocol-level network analysis.
- Solid understanding of various operating systems such as Windows/Linux/MacOS.
- Experience with SOAR, SIEM, threat intelligence platforms, vulnerability assessment tools, Cloud platforms, EDR, Cyber threats and attack vectors, exploitation methods, IOC and TTP's.
- CI/CD development pipeline experience for application security technologies.
- Familiarity with Terraform, Ansible, AWS, Azure, GCP. Kubernetes and Git.
- Familiarity with common virtualization technologies like Docker, Kubernetes, and VMs.
- Industry certifications such as CISSP, PNPT, CRTP, OSCP, AWS Security Specialty, Comptia Security+ or CySA+.
- Knowledge and understanding of security risks involving Web3, blockchain protocols, and smart contracts.
Benefits & Impact
- Remote First + Hybrid Working Environment: Fully remote first teams with regular team retreats to foster team bonding.
- Professional Culture: A culture of honesty, professionalism and risk taking in a high growth environment
- Work/Life Flexibility: remote work with a flexible PTO policy - 20 days PTO plus 5 flexible days.
- Family-Friendly Benefits: best in class parental leave and flexible arrangements
- Health & Wellness: company-paid medical/vision/dental for employee and family
- Compensation: Comprehensive package including competitive salary, bonus and equity
About Figment
At Figment, our mission is to support the adoption, growth and long term success of the Web 3 ecosystem. This is Figment’s unique approach: we make it simple to build on the next generation of blockchain technology.
We provide enterprise grade node and staking infrastructure and developer tools while also actively participating in community & governance.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Ansible Application security Audits Automation AWS Azure Blockchain Blue team C CI/CD CISSP Cloud CompTIA Cryptography Docker EDR Encryption Firewalls Forensics GCP Governance IDS Incident response IPS Java Kubernetes Linux MacOS Monitoring OSCP OWASP Perl PKI Puppet Python Ruby Scripting Security assessment SIEM SOAR TCP/IP Terraform Threat intelligence Vulnerabilities Windows
Perks/benefits: Competitive pay Equity Flex hours Flex vacation Health care Medical leave Parental leave Salary bonus Startup environment Team events
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Information Security Specialist jobs
- Open Senior Cyber Security Engineer jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Principal Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Staff Security Engineer jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Product Security Engineer jobs
- Open Manager Pentest H/F jobs
- Open Cyber Security Specialist jobs
- Open Senior Information Security Analyst jobs
- Open Cybersecurity Analyst jobs
- Open Chief Information Security Officer jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open IT Security Analyst jobs
- Open Cybersecurity Consultant jobs
- Open Consultant SOC / CERT H/F jobs
- Open Senior Information Security Engineer jobs
- Open Security Specialist jobs
- Open Senior Penetration Tester jobs
- Open Cybersecurity Specialist jobs
- Open Security Researcher jobs
- Open Senior Security Architect jobs
- Open IT Security Engineer jobs
- Open Security Operations Analyst jobs
- Open CISM-related jobs
- Open Windows-related jobs
- Open Network security-related jobs
- Open ISO 27001-related jobs
- Open Pentesting-related jobs
- Open Application security-related jobs
- Open Agile-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open SaaS-related jobs
- Open CISA-related jobs
- Open Analytics-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open APIs-related jobs
- Open Java-related jobs
- Open Security assessment-related jobs
- Open Malware-related jobs
- Open DevOps-related jobs
- Open IDS-related jobs
- Open Security Clearance-related jobs
- Open Forensics-related jobs
- Open CEH-related jobs
- Open EDR-related jobs
- Open Kubernetes-related jobs