Staff Security Engineer

About Paxos 

Today’s financial infrastructure is archaic, expensive, inefficient and risky — supporting a system that leaves out more people than it lets in. So we’re rebuilding it.

We’re on a mission to open the world’s financial system to everyone by enabling the instant movement of any asset, any time, in a trustworthy way. For over a decade, we’ve built blockchain infrastructure that tokenizes, custodies, trades and settles assets for the world’s leading financial institutions, like PayPal, Venmo, Mastercard and Interactive Brokers.

About the team 

This is the founding hire for a new team that will establish the groundwork for our internal Security Operations (SecOps) program. This includes alerting, monitoring, vulnerability analysis, interfacing with engineering teams and external SOC. This team will serve as the first line of defense, securing billions of assets.

About the role

Be the founding hands-on member of a new team, helping to mature our SecOps program. Working with talented engineers, you'll help create best practices, runbooks, interface with our SOC and build the roadmap for the SecOps function.

What you’ll do 

• Be a technical lead to a small group of engineers building out logging and alerting pipelines, runbooks, automation, and more!
• Identify and remediate security issues and vulnerabilities in our cloud infrastructure, determining root cause, and identifying prevention methods
• Lead security incident response and serve as the primary incident commander
• Work with a wide variety of engineering teams - Cloud Security, Application Security, IT, Production Engineering, Developer Experience, etc.
• Opportunities to move into a people manager role as the function grows
• Immerse yourself in blockchain technology, cryptocurrency for enterprises and investors, our regulation-first approach, and more!

About you

• At least 5 years of experience working with AWS and securing large production workloads (multi-account, multi-region with hundreds of nodes)
• In-depth knowledge of security layers, both native to AWS (IAM, ACM, security groups, ACLs, etc.) and general (including secrets storage with tools like HashiCorp Vault, mTLS, service meshes)
• Participation in both offensive and defensive security activities 
• SOC automation, including automated detection and response
• At least 5 years of experience in leading incident response in a hybrid SOC environment
• In-depth experience in implementing and operating a SEIM, preferably Splunk
• Experience integrating vulnerability scanning and assessment tools into SOC operations to identify and remediate security weaknesses

Pay and benefits