Founded in 2018 and already valued at over $8 billion, Fireblocks is a SaaS platform that helps companies to create innovative products on the blockchain and manage day-to-day crypto operations. Fireblocks is trusted by some of the largest financial institutions, banks, globally recognized brands, and Web3 companies in the world, including BNY Mellon, BNP Paribas, ANZ Bank, Revolut, and thousands more, to securely scale digital asset operations through the Fireblocks Network and MPC-based wallet infrastructure. We have offices in New York, London, Tel Aviv, and Singapore, and we are continuing to expand our teams to reach new customers globally.

The Security & Information team is looking for someone who is passionate about technology and has a roll-up-their-sleeves mentality to join our global team. You’ll play a crucial role in enhancing our security infrastructure, improving networking, ensuring scalability, and maintaining strong security as we continue to grow. If you want to be an industry leader, on a team experiencing hyper-growth, look no further! 

Responsibilities 

• Lead the design and implementation of AI-driven detection and response strategies to automate complex security investigations.
• Operates as the primary escalation point for critical security alerts, performing deep-dive DFIR investigations, analyzing attacker techniques and vectors, proactively hunting threats, and directing incident response activities.
• Lead SecOps projects from inception to execution, ensuring effective implementation and ongoing maintenance.
• Mentor a team of SecOps experts, providing technical guidance in a fast-paced environment.
• Research how to leverage security telemetry and existing security solutions to improve triage and automated response.
• Work cross-functionally to refine and evolve agentic workflows that drive automated security operations.
• Coordinate investigation, containment, and other response activities with business stakeholders and groups.
• Perform hands-on forensic investigations, log reviews, cloud investigations, and root-cause analysis
• Develop incident analysis and findings reports for management, including gap identification and recommendations for improvement.

Minimum Requirements 

• 5+ years experience working in an Incident Response/Cyber Security Operations Center (in-house or outsourced) addressing, escalating, and managing security incidents and creating incident reports.
• Extensive experience in managing the lifecycle of security incidents in a global, 24/7 production environment..
• Collaborating with various cross-organizational stakeholders to drive incident response and remediation.
• Development of common runbooks for most frequent or critical incident types.
• Strong development fundamentals with experience delivering and maintaining production-grade code.
• Coding & Scripting: Hands-on programming experience (Python, Bash, etc.) with proven ability to build automation processes.
• Proven expertise in attack and mitigation methods within Cloud and SaaS environments 
• Solid understanding of system and security controls on at least two OSs (Windows, Linux / Unix, and MacOS (Advantage), including host-based forensics and experience with analyzing OS artifacts.
• Problem solver, an in-depth thinker with a growth mindset.
• Excellent communication skills and ability to work collaboratively with other teams 

Preferred Qualifications

• Bachelor's degree in Computer Science, Information Technology, or related field
• Solid understanding of LLM concepts and architectures, with hands-on experience applying them in practice.