Staff Threat Detection Engineer

🕒 April 28

Apply Now

Find Similar Remote Jobs

Receive Emails For Remote Jobs

📊 Check your resume score for this job

Improve your chances of getting an interview by checking your resume score before you apply.

Upload Resume

Chainalysis Inc.

WebsiteLinkedInAll Job Openings

501 - 1000 employees

🔌 API

💳 Fintech

🔒 Cybersecurity

💰 $170M Series F on 2022-05

API • Fintech • Cybersecurity

Chainalysis is the leading blockchain data platform that provides blockchain intelligence solutions for various sectors, including law enforcement, regulators, financial institutions, and centralized exchanges. The company helps organizations tackle crypto challenges, ensure compliance with regulations, and mitigate risks associated with cryptocurrency transactions through its innovative solutions and insights. With an R&D hub known as Chainalysis Labs, the company is dedicated to advancing blockchain intelligence and supporting a safer digital economy.

📋 Description

• Lead Detection Strategy: Own the end-to-end roadmap for corporate threat detection, mapping coverage against frameworks like MITRE ATT&CK. • Engineer High-Fidelity Detections: Design and maintain scalable detection logic across SIEM, EDR, and cloud logging platforms (AWS/GCP). • Conduct Threat Hunting: Plan and execute hypothesis-driven hunting campaigns to uncover novel TTPs and turn findings into durable controls. • Perform Risk Modeling: Lead threat assessments and design reviews for new technology on-boarding and product design changes. • Optimize Response: Partner with Incident Response to refine alert quality, automate triage playbooks, and reduce time-to-containment. • Mentor & Influence: Provide technical leadership and mentorship to the DaRE team while influencing product teams to improve visibility and remediate gaps.

🎯 Requirements

• 8+ years of experience in detection engineering, SOC, or incident response at scale. • Deep expertise in building and tuning detections within SIEM, EDR, and log analytics platforms. • Advanced proficiency in writing complex detection queries (e.g., KQL, SPL, SQL). • Demonstrated experience detecting modern attacker TTPs across endpoint, identity, and cloud environments. • Strong scripting skills (Python, Bash) for automation and enrichment. • Proven ability to lead cross-functional security initiatives with IT and Engineering stakeholders.

🏖️ Benefits

• Offers Equity • Offers Bonus