Security Analyst

Summary

Join Consensys, a leading blockchain and web3 software company, as a key member of our Security Operations Center (SOC). You will drive security objectives and improvements across web2 and web3 environments, setting standards for our Analyst Team and developing processes and playbooks for a world-class Security Operation. Your expertise will be crucial in addressing complex security incidents, providing insights, and driving continuous improvement. You'll work on tools, infrastructure, and apps that scale platforms to onboard millions of participants and developers. This role bridges conventional cybersecurity with web3, ensuring comprehensive protection across our entire technological landscape. You will be constantly exposed to new concepts and frameworks, challenging you to stay at the top of your game.

Requirements

• 6+ years of experience in IT Security, specifically in a SOC environment, with exposure to both traditional and blockchain-based systems
• Deep understanding of incident response best practices and processes across web2 and web3 environments
• Experience with security tools for detection, diagnosis, containment, and remediation in both traditional and blockchain networks
• Familiarity with defense methods and techniques applicable to both conventional and crypto-asset protection
• Strong awareness of the cybersecurity landscape, including traditional threats and blockchain-specific vulnerabilities, with competence in malware analysis, root cause analysis, threat intelligence, SOAR, and EDR
• In-depth knowledge of managing security in cloud and decentralized environments, including vulnerability management, protective monitoring, and incident management
• Working knowledge of security compliance, assurance, risk management, business continuity, data protection, and main security standards (ISO2700x, CIS, NIST, SOC2), including emerging standards for blockchain security
• Highly developed, process-oriented skills for troubleshooting and problem-solving across diverse technological environments
• Experience with containerized environments, microservices, and their security implications, including container security and secrets management (Docker/Kubernetes/AKS)
• Scripting experience in Python/Bash/Go or equivalent, with the ability to analyze and interact with smart contracts
• Understanding of blockchain technologies, consensus mechanisms, and common vulnerabilities in smart contracts and DeFi protocols
• Excellent verbal and written English skills, with the ability to communicate complex security concepts to both technical and non-technical audiences

Responsibilities

• Monitor and analyze real-time data from traditional networks, blockchain networks, and web applications
• Investigate security incidents and vulnerabilities across web2 and web3 environments
• Utilize and interpret results from various security tools, including SIEM, IDS/IPS, cloud security systems, and blockchain-specific platforms
• Develop and implement incident response procedures for both traditional and blockchain-related security issues
• Create automation scripts to enhance efficiency in detecting and responding to security threats in all environments
• Design and maintain comprehensive incident response playbooks covering both web2 and web3 ecosystems
• Stay updated on emerging cybersecurity trends, including traditional threats and crypto/blockchain-specific vulnerabilities
• Assess and mitigate risks in both traditional IT infrastructure and web3 systems, including smart contracts and DeFi protocols
• Integrate multiple data streams from networks, applications, and blockchain sources into near real-time security dashboards
• Mentor team members on security best practices spanning both web2 and web3 technologies
• Produce technical advisories on various cybersecurity issues for internal teams and partners
• Participate in 24/7 on-call rotation for urgent security incidents across all platforms
• Develop cross-platform security strategies that address both traditional and blockchain-based threats
• Manage and optimize SIEM deployments, including writing and tuning queries in relevant languages, integrating diverse logging sources, and efficiently managing data retention and analysis to enhance threat detection and response capabilities across both web2 and web3 environments

Preferred Qualifications

• Experience managing security in multi-cloud and decentralized environments
• Qualifications and certifications from information security bodies such as GIAC, ISC2, ISACA, ISA, CompTIA, or blockchain-specific certifications
• Technological degree in Computer Science, Cybersecurity, or equivalent
• Experience with blockchain forensics tools and techniques
• Knowledge of cryptography and its applications in both traditional and blockchain systems
• Familiarity with regulatory frameworks affecting both traditional finance and crypto assets
• Contributions to open-source security projects or blockchain protocols
• Experience in auditing smart contracts or conducting security assessments of DeFi protocols

Benefits

US pay range (not including bonus, equity or other benefits) $155,000 — $186,000 USD