Security Operations Engineer (Remote)

About the Filecoin FoundationThe Filecoin Foundation (FF) is an independent organization that facilitates governance of the Filecoin network, funds critical development projects, supports the growth of the Filecoin ecosystem, and advocates for Filecoin and the decentralized web. In 2017, the creators of Filecoin envisioned that an independent Filecoin Foundation would serve as the long-term governance body for the Filecoin Ecosystem. They gave the Foundation the mandate to “grow an open ecosystem for decentralized storage” and to “give developers an open and sustainable platform to build, enhance and monetize those services.” They wanted the Foundation to be modeled on Foundations for other open-source projects like the Apache Software Foundation, the Mozilla Foundation and the Linux Foundation. The Filecoin Foundation operates independently of Protocol Labs, the organization that designed and built the Filecoin network. As a member of our early-stage team, you will have the opportunity to help define our growth as the organization scales. This is a full-time, remote position.
Job DescriptionAs a Security Operations Engineer, you will play a key role in ensuring and enhancing the security of the Filecoin Ecosystem and Filecoin Foundation. Joining the security team, you will help identify potential security concerns, respond to security incidents, and ensure adherence to security best practices across the foundation. The ideal candidate has a solid understanding of information security fundamentals, a variety of IT skills, and is looking to take their career towards more autonomy, diverse responsibilities, and decentralization. Successful candidates will exhibit exceptional communication and interpersonal skills in order to work and liaise with multiple different teams with ease. Attention to detail and the ability to shift priorities seamlessly will also be key in this role, as you must balance time-sensitive tasks alongside your everyday responsibilities. If you are passionate about cybersecurity and the decentralized web, this might be the position for you.   

Responsibilities

• Triage, evaluate, and coordinate bug bounty submissions
• Assess, model, and improve operational security across Filecoin Foundation
• Build strong relationships across the Filecoin ecosystem to enable efficient threat detection and mitigation
• Work closely with security auditors to evaluate and drive mitigation of potential vulnerabilities
• Create, maintain, and monitor security evaluation tools like fuzzers, etc
• Maintain work momentum and keep projects moving on schedule
• Provide threat-simulation, security education, and incident response
• Develop and coordinate other ways to engage the community in developing secure systems

Your Profile

• Passion for open-source software; bonus points for contributing to an open-source project
• Experience working in an information security role
• Knowledge of common protocols, vulnerabilities, attack vectors, and best practices in Web3 or blockchain ecosystems
• Familiarity with multiple operating systems
• Strong communication and interpersonal skills with the ability to adapt to different teams as required
• Tactful communication and discretion about sensitive issues
• Attention to detail and strong organizational skills
• Ability to balance time-sensitive priorities
• Ability to work independently with minimal oversight
• High-context awareness and context-switching ability

Nice to Haves

• Experience self-hosting, tools like kubernetes, GCP, or AWS
• Experience with decentralized and/or federated protocols
• Experience with GitHub permissioning
• OSCP, CISSP, or other certifications
• Experience with compliance or implementing ISO 27001 standards
• Prior experience in a startup