Security Engineer, Infrastructure

We are the security engineering team, skilled in cybersecurity, cloud security, application security, and regulatory compliance. Our global distribution allows us to leverage unique experiences and skillsets to build and operate security services that safeguard our platform. We prioritize a proactive approach to prevent security issues and stay ahead of potential threats, ensuring the continuous protection of our services.

In this role, you will be responsible for developing and optimizing logging pipelines within AWS EKS and GCP GKE environments, ensuring efficient log collection and storage. You will conduct thorough assessments of cloud and infrastructure security, identifying and correcting misconfigurations to enhance overall security posture. Additionally, you will establish and improve CI/CD pipelines, integrating robust security measures and best practices throughout the software development lifecycle. Your expertise will help ensure secure, reliable, and scalable operations across our cloud and development environments.

In this role, you’ll:

Develop and Optimize Logging Pipelines in AWS EKS and GCP GKE Environments:

• Create and refine centralized logging systems to collect logs from diverse sources like nodes, containers, and applications.

• Implement log collection and aggregation using tools such as Fluentd, Fluent Bit, or Logstash.

• Connect logging systems to storage and analysis platforms including Amazon CloudWatch, Google Cloud Logging, and others.

• Guarantee dependable and scalable log collection and storage for effective system monitoring and issue resolution.

• Review and enhance existing logging pipelines to improve overall performance and reliability.

Identify and Correct Cloud and Infrastructure Security Misconfigurations:

• Perform thorough evaluations of cloud and infrastructure setups to pinpoint and rectify security misconfigurations.

• Conduct security assessments on AWS and GCP configurations, network infrastructures, and access controls.

• Apply industry-standard best practices and security frameworks to address discovered vulnerabilities.

• Concentrate on improving IAM policies, VPC setups, storage bucket configurations, and ensuring compliance with standards like CIS benchmarks and NIST guidelines.

• Enhance the overall security stance by eliminating vulnerabilities and ensuring adherence to best practices.

Establish, Manage, and Upgrade CI/CD Pipelines with Security Integrations:

• Build and enhance CI/CD pipelines by embedding security best practices throughout the development lifecycle.

• Automate security testing within pipelines using tools for static analysis (SAST), dynamic analysis (DAST), and software composition analysis (SCA).

• Utilize technologies such as Jenkins, GitHub Actions, Terraform, and various security scanning tools.

• Ensure the secure construction, testing, and deployment of code, with ongoing monitoring and improvement of pipelines.

• Advise on secure coding practices and promote a security-focused culture within development teams.

We’re looking for candidates who have: 

• Infrastructure Expertise: Strong experience in designing, deploying, and managing secure cloud infrastructures using Kubernetes and Terraform.

• Cloud Platforms: Proficiency in AWS and GCP, with a focus on implementing and managing security services.

• Application Security Experience: Experience using SAST (Static Application Security Testing), DAST (Dynamic Application Security Testing), and SCA (Software Composition Analysis) to identify and remediate security vulnerabilities in software applications.

• Infrastructure-as-Code: Hands-on experience with Infrastructure-as-Code (IaC) tools, particularly Terraform.

• Collaboration Skills: Excellent communication skills, both verbal and written, for effective collaboration with cross-functional teams.

• Security Best Practices: Understanding of secure coding practices, though the primary focus is on infrastructure and cloud security.

• Excellent communication skills, both verbal and written

Nice to have experience:

• Advanced Logging and Monitoring Tools: Experience with additional tools like Prometheus and Grafana, and familiarity with Kubernetes operators for managing logging and monitoring infrastructure.

• Automation and Scripting: Proficiency in scripting languages such as Python or Bash for automating security and logging tasks, and experience with infrastructure as code (IaC) tools like Ansible or Chef.

• Security and Compliance Expertise: Hands-on experience with security compliance standards such as ISO 27001 or SOC 2, and prior involvement in incident response and management within cloud environments, especially in regulated industries like finance or healthcare.

Technologies we use:

• Coding Languages - Java, Javascript, Python, 

• IaC - Terraform

• Cloud - AWS, GCP

• CI/CD Pipeline - Github, GitHub Actions, Jenkins

• API’s - REST APIs

While this is a remote-friendly role, candidates must reside in the Eastern or Central US time zones.

About Chainalysis

Blockchain technology is powering a growing wave of innovation. Businesses and governments around the world are using blockchains to make banking more efficient, connect with their customers, and investigate criminal cases. As adoption of blockchain technology grows, more and more organizations seek access to all this ecosystem has to offer. That’s where Chainalysis comes in. We provide complete knowledge of what’s happening on blockchains through our data, services, and solutions. With Chainalysis, organizations can navigate blockchains safely and with confidence.

You belong here. 

At Chainalysis, we believe that diversity of experience and thought makes us stronger. With both customers and employees around the world, we are committed to ensuring our team reflects the unique communities around us. Some of the ways we’re ensuring we keep learning are an internal Diversity Committee, Days of Reflection throughout the year including International Women’s Day, Harvey Milk Day, World Humanitarian Day, and UN International Migrants Day, and a commitment to continue revisiting and reevaluating our diversity culture. 

We encourage applicants across any race, ethnicity, gender/gender expression, age, spirituality, ability, experience and more. If you need any accommodations to make our interview process more accessible to you due to a disability, don't hesitate to let us know. You can learn more here. We can’t wait to meet you.