Security Operations Engineer (f/m)

We're making the world of digital assets accessible and secure for everyone. Join the mission. 
Founded in 2014, Ledger is the global platform for digital assets and Web3. Over 25% of the world’s crypto assets are secured through our Ledger Nanos. Headquartered in Paris and Vierzon, with offices in the UK, US, Switzerland and Singapore, Ledger has a team of more than 700 professionals developing a variety of products and services to enable individuals and companies to securely buy, store, swap, grow and manage crypto assets – including the Ledger hardware wallets line with more than 7 millions units already sold in 200 countries. 
At Ledger, we embody the values that make us unique: Pragmatism, Audacity, Commitment, Trust and Transparency. Hear from our employees how they shape the work we do here.

Your mission

• Ledger is seeking a Security Operations Engineer with experience in scale-up environments and an interest in Web3 and blockchain security.
• In this role, you will contribute to detecting and mitigating threats across Ledger's infrastructure, managing SaaS security tools, and conducting threat-hunting activities. While some collaboration on blockchain-related risks will occur with the Donjon (Product Security Team), the primary focus is on operational security, including threat detection, automation, and incident response.
• This is an excellent opportunity to secure a fast-paced, SaaS-heavy environment while engaging with innovative Web3 technologies.

In this role you will:

• Security Monitoring & Incident Response: Monitor and analyze security events using tools like Sekoia (SIEM) and SentinelOne (EDR) to identify and mitigate threats effectively. Develop and refine detection logic, including Indicators of Compromise (IOCs), to improve threat visibility and detection. Lead incident response activities, ensuring swift containment and remediation of threats.
• Threat Hunting: Proactively hunt for threats across SaaS and cloud environments, identifying malicious behaviors or advanced persistent threats (APTs).Integrate Cyber Threat Intelligence (CTI) and OSINT into threat-hunting processes to anticipate and mitigate risks.
• SaaS and IAM Security: Manage and secure SaaS applications, including Google Workspace, and implement best practices for IAM systems like OKTA. Strenghten access policies, monitor user activity, and mitigate IAM-related security risks.
• Blockchain Collaboration: Work with the Donjon (Product Security Team) to provide operational support for blockchain-related risks, such as integrating relevant detection logic into SIEM or responding to specific blockchain-related incidents. This collaboration complements your primary responsibilities and allows you to engage with Web3 threats without being the primary owner of these risks.
•  Automation and Efficiency: Implement security automation workflows using GitHub Actions or similar tools to streamline detection, triage, and response processes.
• Vulnerability Management: Monitor and prioritize vulnerabilities using tools like Wiz and SBOM registries, ensuring timely remediation across SaaS and cloud environments.
• Collaboration & Documentation: Collaborate with Threat Intelligence, Engineering, and Product Security teams to align and enhance security practices/ Document playbooks, detection rules, and threat-hunting methodologies to ensure operational efficiency and knowledge sharing.

What we’re looking for:

• Professional Experience: 3+ years of experience in security operations, preferably in scale-up environments. Familiarity with Web3 and blockchain security risks, with an understanding that blockchain-specific efforts will involve collaboration with the Donjon team.
• Technical Skills: Hands-on experience with SIEM tools (e.g., Sekoia) and detection logic development. Proficiency in EDR platforms (e.g., SentinelOne) and threat-hunting methodologies, including IOC management. Strong knowledge of SaaS security tools (e.g., Google Workspace) and IAM systems (e.g., OKTA). Experience with vulnerability management tools like Wiz and cloud security best practices.
• Soft Skills: Strong analytical and problem-solving abilities with a proactive approach to security challenges. Clear and effective communication skills for collaboration with cross-functional teams.A passion for learning and knowledge sharing.

What's in it for you:

• Equity: Employees are the foundation of our success, and we award stock options so you can share in that success as we grow. 
• Flexibility: A hybrid work policy.
• Social: Annual company outing for Ledgerdary Days, plus frequent social events, snacks and drinks
• Medical: Comprehensive health insurance policy offering extensive medical, dental and vision care coverage. 
• Well-being: Personal development, coaching & fitness with our dedicated partners.
• Vacation: Five weeks of paid leave per year, in addition to national holidays and rest & relaxation (RTT) days.
• High tech: Access to high performance office equipment and gadgets, including Apple products. 
• Transport: Ledger reimburses part of your preferred means of transportation. 
• Discounts: Employee discount on all our products.

We are an equal opportunity employer for all without any distinction of gender, ethnicity, religion, sexual orientation, social status, disability or age.