Principal SOC Analyst

US or EU Remote (excluding France and Australia)

Consensys is the leading blockchain and web3 software company founded by Joe Lubin, CEO of Consensys and Co-Founder of Ethereum. Since 2014, Consensys has been at the forefront of innovation, pioneering technological developments within the web3 ecosystem.

Through our product suite, including the MetaMask platform, Infura, Linea, Diligence, and our NFT toolkit Phosphor, we have become the trusted collaborator for users, creators, and developers on their path to build and belong in the world they want to see.

Whether building a dapp, an NFT collection, a portfolio, or a better future, the instinct to build is universal. Consensys inspires and champions the builder instinct in everyone by making web3 universally easy to use and develop on.

Our mission is to unlock the collaborative power of communities by making the decentralized web universally easy to access, use, and build on. 

You’ll get to work on the tools, infrastructure, and apps that scale these platforms to onboard one billion participants and 5 million developers. You’ll be constantly exposed to new concepts, ideas, and frameworks from your peers, and as you work on different projects — challenging you to stay at the top of your game. You’ll join a network of builders that reaches the edge of our ecosystem. Consensys alumni have moved on to become tech entrepreneurs, CEOs, and team leads at tech companies. 

About the role:

As a key member of our SOC, you'll drive security objectives and improvements across both web2 and web3 environments. You'll set standards for our Analyst Team, developing processes and playbooks for a world-class Security Operation that spans traditional and blockchain-based technologies. Your expertise will be crucial in addressing complex security incidents, providing insights, and driving continuous improvement. With a passion for security, you'll stay current on emerging trends in both domains, analyze new threats, and lead investigations into exciting incidents. This role bridges conventional cybersecurity with web3, ensuring comprehensive protection across our entire technological landscape.

Responsibilities will include:

• Monitor and analyze real-time data from traditional networks, blockchain networks, and web applications.
• Investigate security incidents and vulnerabilities across web2 and web3 environments.
• Utilize and interpret results from various security tools, including SIEM, IDS/IPS, cloud security systems, and blockchain-specific platforms.
• Develop and implement incident response procedures for both traditional and blockchain-related security issues.
• Create automation scripts to enhance efficiency in detecting and responding to security threats in all environments.
• Design and maintain comprehensive incident response playbooks covering both web2 and web3 ecosystems.
• Stay updated on emerging cybersecurity trends, including traditional threats and crypto/blockchain-specific vulnerabilities.
• Assess and mitigate risks in both traditional IT infrastructure and web3 systems, including smart contracts and DeFi protocols.
• Integrate multiple data streams from networks, applications, and blockchain sources into near real-time security dashboards.
• Mentor team members on security best practices spanning both web2 and web3 technologies.
• Produce technical advisories on various cybersecurity issues for internal teams and partners.
• Participate in 24/7 on-call rotation for urgent security incidents across all platforms.
• Develop cross-platform security strategies that address both traditional and blockchain-based threats.
• Manage and optimize SIEM deployments, including writing and tuning queries in relevant languages, integrating diverse logging sources, and efficiently managing data retention and analysis to enhance threat detection and response capabilities across both web2 and web3 environments.

Qualifications: 

• 6+ years of experience in IT Security, specifically in a SOC environment, with exposure to both traditional and blockchain-based systems.
• Deep understanding of incident response best practices and processes across web2 and web3 environments.
• Experience with security tools for detection, diagnosis, containment, and remediation in both traditional and blockchain networks.
• Familiarity with defense methods and techniques applicable to both conventional and crypto-asset protection.
• Strong awareness of the cybersecurity landscape, including traditional threats and blockchain-specific vulnerabilities, with competence in malware analysis, root cause analysis, threat intelligence, SOAR, and EDR.
• In-depth knowledge of managing security in cloud and decentralized environments, including vulnerability management, protective monitoring, and incident management.
• Working knowledge of security compliance, assurance, risk management, business continuity, data protection, and main security standards (ISO2700x, CIS, NIST, SOC2), including emerging standards for blockchain security.
• Highly developed, process-oriented skills for troubleshooting and problem-solving across diverse technological environments.
• Experience with containerized environments, microservices, and their security implications, including container security and secrets management (Docker/Kubernetes/AKS).
• Scripting experience in Python/Bash/Go or equivalent, with the ability to analyze and interact with smart contracts.
• Understanding of blockchain technologies, consensus mechanisms, and common vulnerabilities in smart contracts and DeFi protocols.
• Excellent verbal and written English skills, with the ability to communicate complex security concepts to both technical and non-technical audiences.

Nice to have:

• Experience managing security in multi-cloud and decentralized environments.
• Qualifications and certifications from information security bodies such as GIAC, ISC2, ISACA, ISA, CompTIA, or blockchain-specific certifications.
• Technological degree in Computer Science, Cybersecurity, or equivalent.
• Experience with blockchain forensics tools and techniques.
• Knowledge of cryptography and its applications in both traditional and blockchain systems.
• Familiarity with regulatory frameworks affecting both traditional finance and crypto assets.
• Contributions to open-source security projects or blockchain protocols.
• Experience in auditing smart contracts or conducting security assessments of DeFi protocols.

Don't meet all the requirements? Don't sweat it. We’re passionate about building a diverse team of humans and as such, if you think you've got what it takes for our chaotic-but-fun, remote-friendly, start-up environment—apply anyway, detailing your relevant transferable skills in your cover letter. While we have a pretty good idea of what we need, we're ready for you to challenge our thinking on who needs to be in this role.

It is a requirement of employment in this position that applicants will be required to submit to background checks including but not limited to employment, education and criminal record checks. Further details will be provided to applicants that successfully meet the criteria for the position as determined by the company in its sole discretion. By submitting an application for employment, you are acknowledging and consenting to this requirement.