Operations Security Engineer

Zurich

DFINITY

The DFINITY Foundation is a major contributor to the Internet Computer blockchain.


We are seeking an experienced Operations Security Engineer to support and enhance the security posture of our infrastructure, both on-premises and in the cloud (specifically in GCP). In this role, you will leverage your expertise in automation tools, scripting, and security best practices to perform regular assessments, maintain secure configurations, and respond to potential threats. You will also play a critical role in operating and optimizing our Security Information and Event Management (SIEM) solution.

* Please note that this role requires in-office work from our amazing office in Zurich 3 days per week.

Key Responsibilities

Data Center & Cloud Security

  • Maintain and improve security controls in both the on-premises data center and third-party cloud platforms like Google Cloud Platform (GCP), Amazon Web Services (AWS) and Microsoft’s Azure.
  • Collaborate with DevOps, IT, and engineering teams to ensure secure configuration and deployment of services.

Automation & Scripting

  • Develop and maintain automation scripts using Terraform, Ansible, Python, and Bash to streamline security operations.
  • Implement infrastructure-as-code (IaC) principles to improve consistency and repeatability.

Security Assessments

  • Conduct regular security audits and vulnerability assessments of servers, network devices, and cloud resources.
  • Recommend and implement mitigation strategies for identified risks and vulnerabilities.

Network Security & Inventory Management

  • Drive network segregation initiatives to minimize the attack surface and contain potential breaches.
  • Oversee hardware and software inventory management, ensuring all components comply with security standards.

SIEM Operations

  • Manage day-to-day SIEM activities, including log ingestion, correlation rule development, and real-time monitoring.
  • Analyze alerts and investigate security incidents, escalating or remediating as appropriate.

Collaboration & Best Practices

  • Work cross-functionally with various teams (e.g., IT, DevOps, Incident Response) to align security objectives and best practices across the organization.
  • Contribute to the development and maintenance of security policies, procedures, and documentation.

Qualifications

Education & Experience

  • Bachelor’s degree in Computer Science, Information Security, or related field (or equivalent work experience).
  • Proven experience in operations security, with a strong focus on both on-premises data centers and cloud environments.

Technical Skills

  • Strong experience in deploying, operating, and optimizing Elastic SIEM within the Elastic Stack (ELK), including log ingestion, alerting, and event correlation.
  • Proficient in Kibana for data visualization, querying, and building dashboards to support threat detection and incident response.
  • Hands-on experience working in a Security Operations Center (SOC) or a similar security-focused environment.
  • Proficiency with configuration management and automation tools (Terraform, Ansible), scripting (Python, Bash), and command-line interfaces.
  • Strong experience with security assessment methodologies, including vulnerability scanning, penetration testing, and configuration audits.
  • Well-versed in network security best practices, including network segmentation strategies, firewall configurations, and related security measures.
  • Familiarity with blockchain and cryptocurrency technologies is a plus.
  • Experience in fine-tuning base LLM models for security operations is a plus.
  • Knowledge of Digital Forensics and Incident Response (DFIR) is a plus.

Soft Skills

  • Excellent problem-solving and analytical skills, with the ability to interpret security logs and alerts.
  • Effective communication skills for cross-team collaboration and reporting to stakeholders.
  • Strong organizational skills and attention to detail.

About DFINITY and the Internet Computer:

DFINITY is a leading contributor to the Internet Computer Protocol (ICP), with a mission to bring the world's compute onto the secure ICP network. Built on its unique third-generation blockchain technology, ICP enables the development and operation of a new generation of unstoppable, tamper-proof, fully decentralized web applications. Its powerful technology can run entire AI models within smart contracts, representing a major advancement for secure AI. Through seamless integration with Bitcoin, Ethereum, and other networks, ICP facilitates multi-chain operations for digital assets and web3.

Join our team of over 250 talented individuals, including world-renowned cryptographers, distributed systems engineers, programming language experts, and industry leaders, who are shaping the future of the internet and web3. DFINITY was founded in 2016 by entrepreneur and crypto theoretician Dominic Williams.

All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, or veteran status.

Tags: Ansible Audits Automation AWS Azure Bash Blockchain Cloud Computer Science Crypto DevOps DFIR ELK Firewalls Forensics GCP Incident response LLMs Monitoring Network security Pentesting Python Scripting Security assessment SIEM SOC Terraform Threat detection Vulnerabilities

Perks/benefits: Team events

Region: Europe
Country: Switzerland
