Security Engineer

About the Role

StarkWare builds critical cryptography-based infrastructure used by large-scale, high-value systems. Operating in a cloud-first environment, the company is a frequent target for highly capable and well-resourced adversaries, including nation-state actors and advanced criminal groups.

The security team regularly handles real-world attacks, including n-day exploitation, sophisticated phishing campaigns, and advanced intrusion attempts. Our focus is on practical, high-signal security engineering that protects the organization while supporting rapid development and research.

We are looking for a mid-senior Security Engineer to help strengthen StarkWare’s security posture across cloud infrastructure and endpoints, with a strong emphasis on detection engineering, threat hunting, and incident response. This is a hands-on technical role within a collaborative team of mixed experience levels, working closely with DevOps, Infrastructure, IT, and Engineering teams. Some aspects of the role involve collaboration with blockchain security research teams, while the primary focus remains on cloud, endpoint, and enterprise security challenges.

What You’ll Do

• Design, implement, and improve security controls and detections in a cloud-first environment.
• Perform threat hunting and investigations using telemetry from cloud services, endpoints, and internal systems.
• Respond to security incidents, including complex and low-signal cases involving novel attacker techniques.
• Use Python or JavaScript/Node.js to:
• Research attacker behavior and develop advanced detections
• Automate investigations and response workflows
• Configure, extend, and integrate security tools and data sources
• Work closely with DevOps, Infrastructure, IT, and Engineering teams to embed security into systems and workflows.
• Help evolve incident response playbooks, detection strategies, and security processes based on emerging threats and post-incident learnings.
• Participate in a security on-call rotation.

Why Join StarkWare

• Work on real security problems against advanced and persistent adversaries.
• Meaningful ownership and impact within a growing security team.
• Direct collaboration with infrastructure, engineering, and research teams.
• Opportunity to influence how security is designed and operated as the company scales

Minimum Requirements

• 3+ years of experience in a Security Engineer, Detection & Response, Security Operations, or similar hands-on security role.
• Experience working with at least one major cloud provider (AWS, GCP, or Azure).
• Hands-on experience using a SIEM or centralized logging platform for detection, threat hunting, and investigations.
• Comfort using Python or JavaScript/Node.js for security engineering tasks such as research, automation, detections, and integrations.
• Strong experience working in Linux-based environments.
• Solid understanding of incident response fundamentals and common attacker techniques across cloud and endpoint environments.

Nice to Have

• Experience with endpoint detection and response (EDR) technologies.
• Experience collaborating closely with DevOps and software engineering teams.
• Background in application security (CI/CD risks, dependency attacks, secrets exposure).
• Exposure to threat intelligence and applying it to detections or investigations.
• Experience operating in high-threat or highly adversarial environments.