Senior Security Operations Engineer (f/m)
Portland, United States
Ledger
Secure your crypto assets such as Bitcoin, Ethereum, XRP, Monero and more. Give yourself peace of mind by knowing that your cryptocurrencies are safe
We're making the world of digital assets accessible and secure for everyone. Join the mission.
Founded in 2014, Ledger is the global platform for digital assets and Web3. Over 25% of the world’s crypto assets are secured through our Ledger Nanos. Headquartered in Paris and Vierzon, with offices in the UK, US, Switzerland and Singapore, Ledger has a team of more than 700 professionals developing a variety of products and services to enable individuals and companies to securely buy, store, swap, grow and manage crypto assets – including the Ledger hardware wallets line with more than 7 millions units already sold in 200 countries.
At Ledger, we embody the values that make us unique: Pragmatism, Audacity, Commitment, Trust and Transparency. Hear from our employees how they shape the work we do here.
Founded in 2014, Ledger is the global platform for digital assets and Web3. Over 25% of the world’s crypto assets are secured through our Ledger Nanos. Headquartered in Paris and Vierzon, with offices in the UK, US, Switzerland and Singapore, Ledger has a team of more than 700 professionals developing a variety of products and services to enable individuals and companies to securely buy, store, swap, grow and manage crypto assets – including the Ledger hardware wallets line with more than 7 millions units already sold in 200 countries.
At Ledger, we embody the values that make us unique: Pragmatism, Audacity, Commitment, Trust and Transparency. Hear from our employees how they shape the work we do here.
Your mission
- Ledger is seeking a Senior Threat Hunter & Automation Engineer with extensive experience in scale-up environments to strengthen and optimize our security operations.
- This role will focus on maintaining and enhancing security monitoring, detection, and response capabilities, with a specific emphasis on developing and refining detection logic in our SIEM (Sekoia).
- The ideal candidate will bring expertise in securing SaaS platforms, Google Workspace, and IAM (e.g., OKTA), while contributing to the scalability and efficiency of our security tools and processes.
- This is a technical, hands-on role for someone who thrives in dynamic environments and has a strong background in cloud and SaaS security.
In this role you will:
- Detection Logic Development: Design, implement, and optimize detection rules in the SIEM (Sekoia) to improve threat detection accuracy and reduce false positives. Collaborate with the Threat Intelligence team to integrate CTI (Cyber Threat Intelligence) into detection workflows.
- Security Monitoring & Response: Monitor and analyze security events using Sekoia (SIEM) and SentinelOne (EDR), ensuring rapid identification and mitigation of threats. Lead technical investigations and coordinate with stakeholders to resolve security incidents effectively.
- SaaS and Google Workspace Security: Manage and secure SaaS applications, with a focus on Google Workspace, ensuring configurations meet security best practices.
- Identify and Access Management (IAM): Administer and optimize IAM systems like OKTA, implementing robust access control policies and automating user lifecycle management.
- Automation and Process Improvement: Develop and enhance automation workflows using GitHub Actions or other tools to streamline detection and response processes.
- Vulnerability Management: Identify, prioritize, and remediate vulnerabilities in cloud and SaaS environments using tools like Wiz and SBOM registries.
- Collaboration and Enablement: Work closely with Engineering, Infrastructure, and GRC teams to align security practices with organizational goals. Provide technical guidance and support to team members, ensuring alignment with best practices.
- Documentation and Knowledge Sharing: Create and maintain playbooks, runbooks, and documentation for detection logic and incident response processes.
What we’re looking for:
- Professional Experience: 7+ years in security operations, preferably in scale-up environments with a focus on SaaS platforms and cloud infrastructure. Hands-on experience developing detection logic for SIEM tools (e.g., Sekoia, Splunk).
- Technical Skills: Proficiency in configuring and managing SIEM tools, with a focus on custom detection logic and rule optimization. Expertise in EDR (e.g., SentinelOne), IAM systems (e.g., OKTA), and SaaS security (e.g., Google Workspace). Solid understanding of vulnerability management tools like Wiz and cloud security best practices (AWS preferred).
- Soft Skills: Strong analytical skills for incident investigation and threat analysis. Excellent collaboration and communication abilities to work across teams and share knowledge effectively.
What's in it for you:
- Working schedule: Monday to Friday, standard working hours, hybrid (2 days in the office / week)
- Training: Get trained and gain experience in one of today's most exciting and growing industries
- Equity: Employees are the foundation of our success, and we award stock options so you can share in that success as we grow
- Flexibility: A hybrid work policy
- Medical: Comprehensive health insurance policy offering extensive medical, dental and vision care coverage
- Well-being: Personal development, coaching & fitness with our dedicated partners
- Vacation: 20 days of paid leave per year
- Retirement: 401k with employer match
- High tech: Access to high performance office equipment and gadgets, including Apple products
- Transport: Ledger reimburses part of your preferred means of transportation
- Discounts: Employee discount on all our products.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Job stats:
0
0
0
Categories:
Incident Response Jobs
Security Engineering Jobs
Tags: Automation AWS Cloud Crypto EDR GitHub IAM Incident response Monitoring Okta SaaS SBOM SIEM Splunk Threat detection Threat intelligence Vulnerabilities Vulnerability management
Perks/benefits: 401(k) matching Career development Equity / stock options Fitness / gym Health care Insurance Medical leave Team events Transparency
Region:
North America
Country:
United States
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.
Senior Security Analyst jobsInformation System Security Officer jobsSenior Cloud Security Engineer jobsInformation Security Manager jobsSenior Network Security Engineer jobsInformation Security Specialist jobsSenior Cybersecurity Engineer jobsSecurity Consultant jobsSenior Penetration Tester jobsIT Security Engineer jobsSecurity Specialist jobsSenior Information Security Analyst jobsSenior Cyber Security Engineer jobsCyber Security Specialist jobsChief Information Security Officer jobsStaff Security Engineer jobsIT Security Analyst jobsInformation System Security Officer (ISSO) jobsPrincipal Security Engineer jobsCloud Security Architect jobsCyber Security Architect jobsSystems Engineer jobsSecurity Operations Analyst jobsSenior Product Security Engineer jobsSenior Information Security Engineer jobs
CI/CD jobsSaaS jobsMalware jobsForensics jobsEncryption jobsEDR jobsIDS jobsSplunk jobsTop Secret jobsIPS jobsRMF jobsSDLC jobsSQL jobsIntrusion detection jobsBash jobsCompTIA jobsThreat detection jobsDoDD 8570 jobsOWASP jobsITIL jobsFinance jobsDocker jobsActive Directory jobsTCP/IP jobsCRISC jobs
IT infrastructure jobsGIAC jobsVPN jobsHIPAA jobsUNIX jobsBanking jobsTerraform jobsClearance Required jobsSANS jobsJavaScript jobsDNS jobsPolygraph jobsSOX jobsCISO jobsOSCP jobsAnsible jobsCCSP jobsMITRE ATT&CK jobsSOC 2 jobsJira jobsGCIH jobsData Analytics jobsCryptography jobsCyber defense jobsSOAR jobs