Security Response Engineer, Incident Response

🕒 March 27

Chainlink Labs

201 - 500 employees

Founded 2017

💸 Finance

💳 Fintech

🌐 Web 3

Chainlink Labs is a leading player in the field of decentralized finance (DeFi) and blockchain technology. The company is pioneering the use of decentralized systems to facilitate onchain transactions for financial institutions and marketplaces. By collaborating with financial market infrastructures, asset managers, and top DeFi protocols, Chainlink Labs is driving the transition to a tokenized asset economy and aims to become the global standard for onchain finance. With expertise in cryptography and a robust track record in security, Chainlink Labs provides a platform that powers a global system of onchain finance.

📋 Description

• Own and improve the incident response lifecycle: act as incident commander for high-severity incidents
• Join the team's on-call rotation: triage inbound alerts/escalations, coordinate internal and company-wide incidents
• Improve response readiness: create and automate playbooks, conduct tabletop exercises
• Address security telemetry gaps: improve existing or build/deploy new tools
• Increase detection quality: write and tune high-signal detections (in Sigma)
• Proactively identify and implement areas of improvement and modernization

🎯 Requirements

• Proven incident response leadership: experience as the primary incident commander for high-severity security incidents involving multiple teams and external stakeholders; able to independently manage incident timelines, decisions, and communications.
• Operational rigor and investigation depth: demonstrated experience with triage, scoping, containment, and remediation across endpoint, cloud, and/or network-based incidents; drives root-cause analysis and post-incident action items to completion.
• Experience in macOS-heavy environments: has secured and operated a predominantly macOS endpoint fleet, including deploying and managing endpoint controls, collecting telemetry, and performing investigations on macOS systems.
• Collaborative, straightforward communicator: writes clear incident updates and summaries; can explain risk, impact, and trade-offs to both technical and non-technical stakeholders; builds trust with partner teams during high-pressure situations; comfortable handling the regular communication cadence of an incident.
• Detections experience: ability to create and refine detections based on investigations and threat intelligence.
• Previous coding experience (Python, Go, Rust, or similar): scripting for data parsing/enrichment and simple automations.
• Prior success in remote-first environments.
• Experience with detections-as-code (Sigma) development and workflows.
• Domain experience with blockchain/Web3 threats.
• Open-source contributions to security-related projects.

🏖️ Benefits

• All roles with Chainlink Labs are global and remote-based.
• We carefully review all applications and aim to provide a response to every candidate within two weeks after the job posting closes.
• We want to fully consider your experience and skills, and you will hear from us regarding the status of your application shortly after the closing date.
