Overview

Our security team defends the global infrastructure that powers Chainalysis. We have a strong security mindset, are passionate about infrastructure, and are dedicated to hardening our network and endpoints against all threats.

This Principal Security Engineer is really good at seeing opportunities for improvement and prioritizing our teams’ needs.You’ll be in charge of designing, architecting, and driving security posture changes for Chainalysis and your success is measured by just how hard life becomes for our adversaries thanks to your efforts.

In one year you’ll know you were successful if…

  • You have improved security across all aspects of our Infrastructure by tightening and configuring relevant AWS and other hosted data center systems, services and features.
  • You have initiated a program to automate detection of vulnerabilities, evaluate and partner with infrastructure to deploy critical patches/fixes to production systems.
  • You have led an effort to conduct external penetration testing for our key products and applications to identify critical vulnerabilities and partnered with our engineering team to drive remediation.
  • The team has defined begun to implement processes to enhance security incident response and investigative processes
  • Security architecture reviews have been provided for key third party software used within our products to identify potential unidentified vulnerabilities which may negatively impact the security of our products.

A background like this helps:

  • Strong experience with AWS Security (Logging, Key Management, Detection, and Correction) and Terraform automation in a multi-account environment
  • Experience with Kubernetes and container security
  • Consultative approach towards security with the ability to guide and educate developers on security best practices.
  • Experience with application security , threat modeling, and integrating security tooling (open source or commercial) into a CI/CD pipeline
  • Industry experience in security operations, incident response and managing security incidents
  • The ability to operate in ambiguous situations and be flexible as the organization changes and grows.
  • Previous experience meeting industry standard compliance regulations (SOC2, ISO, SOX, etc.)

At Chainalysis, we help government agencies, cryptocurrency businesses, and financial institutions track and investigate illicit activity on the blockchain, allowing them to engage confidently with cryptocurrency. We take care of our people with great benefits, professional development opportunities, and fun.

You belong here.

At Chainalysis, we believe that diversity of experience and thought makes us stronger. We encourage applicants across any race, ethnicity, gender/gender expression, age, religion, ability and experience. With both customers and employees around the world, we are committed to ensuring our team reflects the unique communities around us. We can’t wait to meet you.