About Transak:
Transak is a leading Web3 onboarding infrastructure provider used by top partners like Metamask, Trust Wallet, Ledger, Coinbase with 10M+ registered users. Its API & widget driven solutions enable web3 platforms to onboard users to 130+ crypto assets from 63+ countries, abstracting away the complexity of user KYC, risk monitoring & compliance, payment methods and customer support. Transak’s On/Off-Ramp widget can be integrated into an app in just a few lines of code. Transak is backed by top VCs, including Consensys, Animoca Brands.
About the Role
We are seeking a highly motivated and skilled Security Engineer to join our growing security function. In this role, you will operate at the intersection of offense and defense, simulating adversarial tactics to identify weaknesses, while also driving the implementation of robust detection and mitigation strategies. You will proactively evaluate the organization’s security posture, develop and test hypotheses using MITRE ATT&CK techniques, and work closely with DevSecOps teams to enhance overall threat resilience and setup Security Operations Center(SOC) operations.
Key Responsibilities
- Design and execute Purple Team exercises to emulate real-world attack scenarios aligned with the MITRE ATT&CK framework.
- Implement security controls and hardening mechanisms based on gap analysis from Purple Team exercises.
- Identify tactics, techniques, and procedures (TTPs) relevant to the organization’s environment and threat landscape and also translate TTPs into actionable detection use-cases and SIEM rules.
- Manage and fine-tune SIEM rules and alerts (e.g., Splunk, SumoLogic, etc.). Create and maintain correlation rules, dashboards, and alerts for advanced threat detection.
- Lead or contribute to incident response playbooks and post-mortem analysis.
- Help mature the organization’s security automation and orchestration capabilities.
- Stay updated with the latest adversary tradecraft, vulnerabilities, and threat intelligence.
- Evaluate new tools, frameworks, and services that can strengthen threat detection and response.
- Lead and contribute towards making cloud infrastructure more secure.
- Contribute to security training, awareness, and tabletop exercises within engineering and IT teams.
Required Qualifications
- 5–10 years of experience in cybersecurity with a focus on threat detection, offensive testing, or SOC operations.
- Strong understanding of the MITRE ATT&CK framework and its application in real-world scenarios.
- Proficient in using or integrating SIEM tools.
- Hands-on experience with scripting (Python, Bash) for automation and simulation.
- Familiarity with endpoint detection and response (EDR) tools(CrowdStrike, SentinelOne, etc.), log analysis, and threat hunting.
- Experience with cloud-native security (AWS preferred), containers, and Kubernetes is a plus.
Bonus Points
- Passion for AI and emerging technologies, with a track record of applying AI to improve security operations (e.g., anomaly detection, threat intelligence triage, phishing detection).
- Experience automating security workflows and tooling using Python, or security orchestration platforms (SOAR).
