The world of digital assets is accelerating in speed, magnitude, and complexity, opening the door to new ways for leveraging the blockchain. Fireblocks’ platform and network provide the simplest and most secure way for companies to work with digital assets and it trusted by some of the largest financial institutions, banks, globally-recognized brands, and Web3 companies in the world, including BNY Mellon, BNP Paribas, ANZ Bank, Revolut, and thousands more. 

The Security & Information team is looking for someone who is passionate about technology and has a roll-up-their-sleeves mentality to join our global team. You’ll play a crucial role in enhancing our security infrastructure, improving networking, ensuring scalability, and maintaining strong security as we continue to grow. If you want to be an industry leader, on a team experiencing hyper-growth, look no further! 

Responsibilities 

• Operates as the primary escalation point for critical security alerts, performing deep-dive DFIR investigations, analyzing attacker techniques and vectors, proactively hunting threats, and directing incident response activities.


• Lead SecOps projects from inception to execution, ensuring effective implementation and ongoing maintenance.


• Mentor a team of SecOps experts, providing technical guidance in a fast-paced environment.


• Research how to leverage security telemetry and existing security solutions to improve triage and automated response.


• Work cross-functionally to refine and evolve agentic workflows that drive automated security operations.


• Coordinate investigation, containment, and other response activities with business stakeholders and groups.


• Perform hands-on forensic investigations, log reviews, cloud investigations, and root-cause analysis


• Develop incident analysis and findings reports for management, including gap identification and recommendations for improvement.

Minimum Requirements 

• 5+ years experience working in an Incident Response/Cyber Security Operations Center (in-house or outsourced) addressing, escalating, and managing security incidents and creating incident reports.




• Extensive experience in managing the lifecycle of security incidents in a global, 24/7 production environment..


• Collaborating with various cross-organizational stakeholders to drive incident response and remediation.


• Development of common runbooks for most frequent or critical incident types.




• Strong development fundamentals with experience delivering and maintaining production-grade code.


• Coding & Scripting: Hands-on programming experience (Python, Bash, etc.) with proven ability to build automation processes.


• Proven expertise in attack and mitigation methods within Cloud and SaaS environments 


• Solid understanding of system and security controls on at least two OSs (Windows, Linux / Unix, and MacOS (Advantage), including host-based forensics and experience with analyzing OS artifacts.


• Problem solver, an in-depth thinker with a growth mindset.


• Excellent communication skills and ability to work collaboratively with other teams 

Preferred Qualifications

• Bachelor's degree in Computer Science, Information Technology, or related field


• Solid understanding of LLM concepts and architectures, with hands-on experience applying them in practice.