Security Engineer

Security Engineer - Galaxy

About Galaxy

Galaxy is a global leader in digital assets and data center infrastructure, driving innovation in finance and artificial intelligence. We build the products and services that power the future of Web3 and AI, connecting institutions, startups, and developers in a digitally native economy.

About the Role

We are seeking a Security Engineer to join our Security Operations Center (SOC) team. You will play a critical role in developing, maintaining, and optimizing detection use cases, threat hunting queries, and response automation within our SOC environment.

Responsibilities

• Develop and implement security monitoring and detection rules and playbooks.
• Conduct threat hunting activities to proactively identify and mitigate potential threats.
• Analyze security alerts and incidents, determining root cause and implementing appropriate remediation actions.
• Collaborate with other security team members to enhance detection and response capabilities.
• Stay abreast of emerging threats and vulnerabilities, adapting security strategies accordingly.
• Contribute to the development and maintenance of security documentation and training materials.

Qualifications

• 3+ years of experience in a security operations or threat intelligence role.
• Strong understanding of security principles, best practices, and industry standards.
• Experience with security information and event management (SIEM) systems and threat intelligence platforms.
• Proficiency in scripting languages (e.g., Python, Bash) for automation and analysis.
• Excellent analytical and problem-solving skills.
• Strong communication and collaboration skills.

Qualifications

Required:

• 3+ years of experience in a Security Operations Center (SOC) environment.
• Strong understanding of security principles, best practices, and industry standards.
• Proficiency in developing and maintaining security detection use cases and threat hunting queries.
• Experience with security information and event management (SIEM) systems and threat intelligence platforms.
• Familiarity with scripting languages (e.g., Python, Bash) for automation and analysis.
• Excellent analytical and problem-solving skills with the ability to investigate and respond to security incidents.
• Strong communication and collaboration skills to effectively work with cross-functional teams.

Preferred:

• Experience with cloud security platforms (e.g., AWS, Azure, GCP).
• Knowledge of blockchain security concepts and best practices.
• Certifications such as CISSP, CISM, or Security+ are a plus.
• Experience with incident response and forensic analysis.

Security Operations

• Develop, implement, and maintain security monitoring use cases and threat hunting queries across various security tools and platforms.
• Conduct proactive threat hunting activities to identify and investigate potential security incidents.
• Analyze security alerts and events, determining their severity and potential impact.
• Develop and automate incident response playbooks to ensure timely and effective remediation.
• Collaborate with other security team members to investigate and resolve security incidents.
• Stay abreast of emerging threats, vulnerabilities, and security best practices.
• Contribute to the development and improvement of security policies and procedures.
• Participate in security awareness training and exercises.

Technical Expertise

• Proficient in using security information and event management (SIEM) systems.
• Experience with threat intelligence platforms and data sources.
• Knowledge of common attack vectors and malware techniques.
• Familiarity with scripting languages (e.g., Python, Bash) for automation.
• Understanding of network security principles and protocols.
• Experience with cloud security platforms and services.

Galaxy's hiring process for a Security Engineer begins with a review of applications, focusing on relevant experience and skills. Shortlisted candidates are invited for a phone screening to assess their technical knowledge and cultural fit. Those who excel move on to a technical interview, where they delve deeper into security concepts and problem-solving abilities.

A final round involves a practical assessment, simulating real-world security scenarios. Throughout the process, Galaxy emphasizes transparency and provides candidates with clear feedback at each stage. The goal is to identify a Security Engineer who not only possesses the technical expertise but also aligns with Galaxy's values of excellence, collaboration, and a commitment to shaping the future of Web3 and AI.

Galaxy is a global leader driving innovation in digital assets and data center infrastructure. They provide solutions that accelerate progress in finance and artificial intelligence, believing blockchain and digital assets will transform how value moves through the world. Galaxy's institutional digital assets platform encompasses trading, investment banking, asset management, staking, self-custody, and tokenization technology. They also invest in and operate cutting-edge data centers, powering AI and high-performance computing.

Led by CEO and Founder Michael Novogratz, Galaxy's team blends deep crypto expertise with institutional experience, shaping the future of Web3 and AI. Headquartered in New York City, Galaxy has offices across North America, Europe, the Middle East, and Asia.