Senior Security Operations Engineer

**About the role**:
Zero Hash is looking for an experienced and passionate Senior Security Operations Engineer to join our Security team. In this role, your passion for Security and Operations will be used to continue to improve the process and operational capabilities of security for our Infrastructure and development as well as collaborate across the organization to continue to drive a mentality of, “Security being a team effort.”

**#LI-Remote**

**Responsibilities**:

- Take an active role as a co-owner of security operations to ensure processes and procedures are built, maintained, and operated with security, efficiency and effectiveness in mind.
- Assess, triage, and prioritize security alerts from logging and monitoring systems
- Design, implement, configure, and support security and IT solutions and tools (e.g., SIEM, IDPS, IAM, MDM)
- Conduct vulnerability assessment, determine deviations from acceptable configurations, and assess the level of risk; recommend appropriate mitigation countermeasures
- Work in collaboration with SRE, IT, cloud operations, and engineering teams to secure our AWS environment; define a unified incident response process, complete with performance metrics and post mortems
- Oversee security assessments, including penetration tests of the production environment
- Keep abreast of tools, techniques, and process improvements in support of security detection and analysis in accordance with current and emerging threat and attack vectors.
- Assist in digital forensic activities including collect, process, preserve, analyze, and present evidence in support of vulnerability mitigation, and investigations
- Perform cyber defense analysis by using data collected from a variety of cyber defense tools (e.g., IDS alerts, firewalls, Cloud Trails) to analyze events for the purposes of mitigating threats.
- Represent the security needs of the organization by providing security expertise and assistance in IT projects.
- Provide educational resources about security policies and consult on security issues regarding users or managed systems.
- Develop incident response procedures, playbooks, work instructions, and automated solutions.
- May require work nights, weekends, or holidays on a rotational basis with the rest of the team to ensure 24x7 coverage.
- Supports our CISO in additional security projects, as needed

**About you**:

- BS degree in related field or equivalent experience. MS degree in a related field or equivalent experience is a plus
- Minimum 10+ years of cybersecurity experience, 5 of which include being in a SOC/CSIRT environment
- Experience investigating cybersecurity events and incidents using a full suite of alerting and response tools, digital forensic or malware analysis tools
- Experience with one major SIEM system
- Hands-on experience working with AWS services and tools such as IAM, CloudTrail, CloudWatch, SecurityHub, GuardDuty, Inspector, Shield, WAF, KMS, Secrets Manager, Lambda, CloudWatch, PagerDuty
- Demonstrable knowledge of Information Security attack methods and techniques
- Experience creating and maintaining threat models
- Strong understanding of networking basics, including firewall, IDPS, and segmentation
- Familiar with serverless compute such as AWS Lambda and container implementations with EKS, Kubernetes, etc.
- As much experience across the following technologies: EDR, Firewall, Network protocols, Linux security events, Phishing mitigation, DLP, IAM, and VPN.
- CISSP, OSCP, GIAC, and or AWS Certified Security Specialty a plus.
- Experience with CICD and api automation.
- Experience working with IaaC infrastructure (Terraform preferer)
- Experience with python and bash (or AppleScript) to build automation and scripting.

**Benefits Offered**
We believe a happy, motivated, and healthy team is the best way to succeed. We offer the following benefit
- Healthcare Insurance: Zero Hash covers roughly 100% of employee premiums (U.S. Only)
- Chance to earn equity
- Vision Insurance (U.S. Only)
- Dental Insurance (U.S. Only)
- Maternity & Paternity leave
- Visa sponsorship
- 401k (U.S. Only)

**About Zero Hash**
Zero Hash is a crypto-as-a-service API that enables any platform to integrate digital assets natively into their customer experience quickly and easily (a matter of API endpoints). We power neo-banks, broker-dealers, and payment groups to offer digital asset trading and custody, crypto-backed rewards and round-up programs.
Our thesis is very simple: every financial services firm will offer digital assets within the next 2 years and will do so through platforms such as Zero Hash. Zero Hash is defining the new FinTech vertical of crypto-as-a-service.
Clients include MoneyLion, Wirex, Deserve, MoonPay, Tastytrade. Backed by Point72 Ventures, NYCA, Bain Capital, Tastytrade.

**The Zero Hash Culture**
All Zero Hash employees are guided by the following characteristics and core principles:

- Independence/Ownership - An ability to work autonomously. J