Security Operations Tech Lead

Fireblocks’ platform and network provide the simplest and most secure way for companies to work with digital assets and it is trusted by some of the largest financial institutions, banks, globally-recognized brands, and Web3 companies in the world, including BNY Mellon, BNP Paribas, ANZ Bank, Revolut, and thousands more.

• Operates as the primary escalation point for critical security alerts, performing deep-dive DFIR investigations, analyzing attacker techniques and vectors, proactively hunting threats, and directing incident response activities. • Lead SecOps projects from inception to execution, ensuring effective implementation and ongoing maintenance. • Mentor a team of SecOps experts, providing technical guidance in a fast-paced environment. • Research how to leverage security telemetry and existing security solutions to improve triage and automated response. • Work cross-functionally to refine and evolve agentic workflows that drive automated security operations. • Coordinate investigation, containment, and other response activities with business stakeholders and groups. • Perform hands-on forensic investigations, log reviews, cloud investigations, and root-cause analysis. • Develop incident analysis and findings reports for management, including gap identification and recommendations for improvement.

• 5+ years experience working in an Incident Response/Cyber Security Operations Center (in-house or outsourced) addressing, escalating, and managing security incidents and creating incident reports. • Extensive experience in managing the lifecycle of security incidents in a global, 24/7 production environment. • Collaborating with various cross-organizational stakeholders to drive incident response and remediation. • Development of common runbooks for most frequent or critical incident types. • Strong development fundamentals with experience delivering and maintaining production-grade code. • Coding & Scripting: Hands-on programming experience (Python, Bash, etc.) with proven ability to build automation processes. • Proven expertise in attack and mitigation methods within Cloud and SaaS environments. • Solid understanding of system and security controls on at least two OSs (Windows, Linux / Unix, and MacOS (Advantage), including host-based forensics and experience with analyzing OS artifacts. • Problem solver, an in-depth thinker with a growth mindset. • Excellent communication skills and ability to work collaboratively with other teams.

Fireblocks provides enterprise-grade digital asset and stablecoin infrastructure, enabling secure storage, transfer, tokenization, and management of digital assets for financial institutions. It serves fintechs, exchanges, banks, trading firms, payments providers, Web3 businesses, and startups with solutions for payments, tokenization, and blockchain operations.