Apply on Employer Site

Chainlink Labs · 2 weeks ago

Security Response Engineer, Incident Response

United States

Full-time

Remote

Mid, Senior Level

Chainlink Labs is the industry-standard oracle platform powering decentralized finance. As a Security Response Engineer, you will own the full security incident response lifecycle, coordinating high-severity incidents and improving response capabilities through collaboration and operational responsibilities.

BlockchainInternetSoftwareWeb3

Responsibilities

Own and improve the incident response lifecycle: act as incident commander for high-severity incidents

Join the team's on-call rotation: triage inbound alerts/escalations, coordinate internal and company-wide incidents

Improve response readiness: create and automate playbooks, conduct tabletop exercises

Address security telemetry gaps: improve existing or build/deploy new tools

Increase detection quality: write and tune high-signal detections (in Sigma)

Proactively identify and implement areas of improvement and modernization

Qualification

Incident response leadershipHands-on investigationDetections experienceOperational rigorPythonGoRustSigmaBlockchain threatsOpen-source contributions

Required

Proven incident response leadership: experience as primary coordinator for high-severity incidents involving multiple teams and external stakeholders

Hands-on investigation experience: expertise performing triage, scoping, containment across endpoint, cloud, and/or network based incidents

Detections experience: ability to create and refine detections based on investigations and threat intelligence

Operational rigor: comfortable stepping through all phases of an incident, working with runbooks, handling the communication cadence of an incident (internal/stakeholder), root cause analysis and post-mortem learnings

Previous coding experience (Python, Go, Rust, or similar): scripting for data parsing/enrichment and simple automations