Chainalysis

Staff Threat Detection Engineer

Chainalysis · remote · full-time
crypto · tech · web3 · SIEM · EDR · Log Analytics · AWS · GCP · Python · Bash · KQL · SPL · SQL · MITRE ATT&CK Framework
Job description
Chainalysis is a leader in blockchain technology, providing data, services, and solutions to help organizations navigate blockchains safely and confidently.
Responsibilities
### In this role, you’ll:

- Lead Detection Strategy: Own the end-to-end roadmap for corporate threat detection, mapping coverage against frameworks like MITRE ATT&CK.
- Engineer High-Fidelity Detections: Design and maintain scalable detection logic across SIEM, EDR, and cloud logging platforms (AWS/GCP).
- Conduct Threat Hunting: Plan and execute hypothesis-driven hunting campaigns to uncover novel TTPs and turn findings into durable controls.
- Perform Risk Modeling: Lead threat assessments and design reviews for new technology onboarding and product design changes.
- Optimize Response: Partner with Incident Response to refine alert quality, automate triage playbooks, and reduce time-to-containment.
- Mentor & Influence: Provide technical leadership and mentorship to the DaRE team while influencing product teams to improve visibility and remediate gaps.
Requirements
### We’re looking for candidates who have:

- 8+ years of experience in detection engineering, SOC, or incident response at scale.
- Deep expertise in building and tuning detections within SIEM, EDR, and log analytics platforms.
- Advanced proficiency in writing complex detection queries (e.g., KQL, SPL, SQL).
- Demonstrated experience detecting modern attacker TTPs across endpoint, identity, and cloud environments.
- Strong scripting skills (Python, Bash) for automation and enrichment.
- Proven ability to lead cross-functional security initiatives with IT and Engineering stakeholders.

### Nice to have experience:

- Experience leading threat hunting in cloud-first or SaaS-heavy environments.
- Familiarity with securing AI integrations and managing associated security risks.
- Knowledge of blockchain ecosystems and threats specific to the Web3/Crypto space.
- Prior experience in a Staff-level technical leadership or mentorship role.
- Red teaming experience against web technologies
- OSINT and investigations.
About Chainalysis
Chainalysis is a blockchain data platform providing intelligence, risk management, compliance, investigation software, and services to government agencies, financial institutions, cryptocurrency businesses, and other organizations. It helps track illicit activities, ensure regulatory compliance, prevent fraud, and support growth in the crypto ecosystem, serving over 1500 customers across 70+ countries. The platform has been used in high-profile cases like the Mt. Gox hack, Silk Road, and FTX collapse.
Blockchain Analytics · 1000+ · New York City, United States · Founded 2014 · https://www.chainalysis.com/