Security Engineer

US or EMEA Remote (excluding France and Australia)

Consensys is the leading blockchain and web3 software company founded by Joe Lubin, CEO of Consensys and Co-Founder of Ethereum. Since 2014, Consensys has been at the forefront of innovation, pioneering technological developments within the web3 ecosystem.

Through our product suite, including the MetaMask platform, Infura, Linea, Diligence, and our NFT toolkit Phosphor, we have become the trusted collaborator for users, creators, and developers on their path to build and belong in the world they want to see.

Whether buildig a dapp, an NFT collection, a portfolio, or a better future, the instinct to build is universal. Consensys inspires and champions the builder instinct in everyone by making web3 universally easy to use and develop on.

Our mission is to unlock the collaborative power of communities by making the decentralized web universally easy to access, use, and build on.

You’ll get to work on the tools, infrastructure, and apps that scale these platforms to onboard one billion participants and 5 million developers. You’ll be constantly exposed to new concepts, ideas, and frameworks from your peers, and as you work on different projects — challenging you to stay at the top of your game. You’ll join a network of builders that reaches the edge of our ecosystem. Consensys alumni have moved on to become tech entrepreneurs, CEOs, and team leads at tech companies.

About the role:

As an Intermediate Security Engineer within our SOC team, you’ll implement security measures and improvements across both web2 and web3 environments. A key aspect of your role will be engineering our security tooling ecosystem, which includes integrating and customizing 3rd party solutions as well as developing custom security tools specifically designed for web2 and web3 environments. You’ll contribute to our SOAR (Security Orchestration, Automation, and Response) platform by building and refining automated response workflows and implementing machine learning (AI)/LLM integrations to enhance threat detection capabilities. You’ll follow and help refine incident response playbooks for security situations spanning traditional and blockchain-based technologies. Your technical skills in threat detection will help identify attack patterns across hybrid environments, connecting security events into coherent threat scenarios. Through collaborative threat modeling, you’ll analyze system architectures, identify attack vectors in both traditional infrastructure and blockchain protocols, and help map potential attack paths through our technology stack. You’ll support investigation of security incidents through technical analysis, contributing insights that help develop custom detection rules. With a growing expertise in security, you’ll stay informed on emerging trends in both domains and participate in investigations of security incidents. This role bridges conventional cybersecurity with web3, ensuring effective protection across our technological landscape.

Note: As Web3 security is an emerging discipline, we strongly encourage candidates with exceptional traditional security backgrounds to apply—we value your expertise and will provide dedicated training and mentorship to build your web3 security capabilities.

Responsibilities will include:

• Implement monitoring and analysis of data from traditional networks, blockchain networks, cloud platforms, and enterprise systems
• Engineer and enhance security tooling, including customizing 3rd party solutions and developing custom tools for web2 and web3 environments
• Build and maintain SOAR (Security Orchestration, Automation, and Response) workflows to automate routine incident response actions
• Develop and implement machine learning models to improve threat detection and analysis capabilities
• Integrate LLM technologies across security operations to enhance efficiency and automation
• Assist in investigating security incidents and vulnerabilities across web2 and web3 environments
• Operate and interpret results from various security tools, including SIEM, EDR, cloud security systems, and blockchain-specific platforms
• Follow and help improve incident response procedures for both traditional and blockchain-related security issues
• Develop automation scripts to enhance efficiency in detecting and responding to security threats
• Help maintain comprehensive incident response playbooks covering both web2 and web3 ecosystems
• Stay updated on emerging cybersecurity trends, including traditional threats and crypto/blockchain-specific vulnerabilities
• Support risk assessment and mitigation in both traditional IT infrastructure and Web3 systems
• Help integrate data streams from networks, applications, and blockchain sources into security dashboards
• Collaborate with team members on implementing security best practices across web2 and web3 technologies
• Contribute to technical advisories on various cybersecurity issues for internal teams
• Participate in on-call rotation for security incidents across all platforms
• Support the implementation of cross-platform security strategies that address both traditional and blockchain-based threats
• Configure and operate SIEM deployments, including writing detection queries, integrating logging sources, and managing data retention to enhance threat detection capabilities

Qualifications:

• 3+ years of experience in IT Security, with some experience in a SOC environment
• Experience with security tool development, integration, or customization
• Knowledge of SOAR platforms and experience building automated security workflows
• Familiarity with machine learning or AI/LLM applications in cybersecurity
• Understanding of incident response practices and processes
• Experience with common security tools for detection and remediation in traditional networks
• Awareness of the cybersecurity landscape, including traditional threats, malware analysis, and threat intelligence
• Knowledge of security in cloud environments, including vulnerability management and protective monitoring
• Familiarity with security compliance, risk management, and main security standards (ISO2700x, CIS, NIST, SOC2)
• Strong troubleshooting and problem-solving skills across diverse technological environments
• Experience with containerized environments and their security implications (Docker/Kubernetes)
• Intermediate programming skills in Python/Bash/Go or equivalent for developing security tooling
• Good verbal and written English skills, with the ability to communicate security concepts clearly

Nice to have:

• Entry-level security certifications such as CompTIA Security+, SSCP, or blockchain-specific certifications
• Degree in Computer Science, Cybersecurity, or equivalent
• Experience with developing custom security tools or plugins
• Knowledge of API integration patterns for security tools
• Background in data science or experience with security analytics platforms
• Experience with prompt engineering for security-focused LLM applications
• Familiarity with blockchain forensics tools and techniques
• Basic understanding of regulatory frameworks affecting traditional finance and crypto assets
• Contributions to open-source security projects or blockchain protocols
• Basic knowledge of smart contract security or DeFi protocols

Don’t meet all the requirements? Don’t sweat it. We’re passionate about building a diverse team of humans and as such, if you think you’ve got what it takes for our chaotic-but-fun, remote-friendly, start-up environment—apply anyway, detailing your relevant transferable skills in your cover letter. While we have a pretty good idea of what we need, we’re ready for you to challenge our thinking on who needs to be in this role.

It is a requirement of employment in this position that applicants will be required to submit to background checks including but not limited to employment, education and criminal record checks. Further details will be provided to applicants that successfully meet the criteria for the position as determined by the company in its sole discretion. By submitting an application for employment, you are acknowledging and consenting to this requirement.