Senior Infrastructure Security Engineer
About the Role
You will secure the corporate and production infrastructure powering decentralized services. You will own the security posture across identity and collaboration security, detection and response, cloud and infrastructure security, endpoint security, incident response, secure systems design, and cross-team collaboration. You will partner with IT Ops, DevOps, Protocol Security, and Product Engineering to make security a default property of how you operate rather than a checkpoint. You will lead threat modeling and architecture reviews for new internal systems and translate findings into concrete, prioritized work. You will help protect an open-source ecosystem and a valuable on-chain infrastructure.
Requirements
- 5+ years of hands-on infrastructure or detection and response security experience
- Production experience securing a cloud-based identity and collaboration platform at scale
- Hands-on experience with a modern SIEM and SOAR: writing detections, onboarding log sources, building response playbooks, and tuning to reduce false positives
- Strong cloud security background, including IAM, network controls, workload identity, and organization-level guardrails
- Practical experience securing a macOS-dominant endpoint fleet: MDM, configuration baselines, and EDR
- Familiarity with Infrastructure as Code, secrets management, and security automation
- Real incident response experience on call
- Clear, constructive technical communication across engineering and non-engineering stakeholders
- Blockchain/web3 exposure
- Compliance framework experience with SOC 2 and ISO 27001
- Kubernetes security
- Detection engineering as code
- Experience in lean security teams
Responsibilities
- Own the security configuration of the identity and collaboration stack, including identity and access policies, third-party app governance, DLP, context-aware access, and admin audit
- Drive least privilege and phishing-resistant MFA across the org
- Build and maintain detections, design response playbooks for high-signal alerts, onboard new log sources, and own the detection-as-code pipeline
- Reduce mean time to detect and mean time to respond on real incidents
- Harden the cloud footprint, Kubernetes clusters, and CI/CD pipelines
- Review infrastructure as code for security regressions, embed guardrails, and partner with DevOps on secrets management and supply chain controls
- Own the security posture of the endpoint estate, including MDM configuration, baseline hardening, EDR tuning, and endpoint telemetry
- Lead and participate in security incident investigations end to end: containment, forensics, root cause, remediation, and post-mortem
- Run threat models and architecture reviews for new internal systems and infrastructure changes
- Cross-team collaboration and effective communication to raise risks and influence without owning every system
