Senior SOC Engineer

Key Responsibilities:

• Security Operations Center Management
• Lead security monitoring operations for cryptocurrency exchange infrastructure, trading platforms, and digital wallet systems
• Oversee real-time analysis of security events, alerts, and anomalies across blockchain networks, trading engines, and customer-facing applications
• Coordinate incident response activities for security breaches, suspicious trading activities, and potential fraud attempts
• Manage and optimize SIEM platforms, security orchestration tools, and automated response systems
• Develop and maintain security playbooks specific to cryptocurrency exchange operations and digital asset protection


• Insider & Threat Intelligence Analysis
• Monitor dark web marketplaces, criminal forums, and threat actor communications for indicators targeting cryptocurrency businesses
• Conduct tactical, operational, and strategic threat assessments specific to digital asset platforms
• Develop threat intelligence feeds and indicators of compromise (IoCs) relevant to cryptocurrency security
• Collaborate with external threat intelligence providers and cryptocurrency security communities
• Design and implement comprehensive insider threat detection programs tailored to cryptocurrency exchange environments
• Analyze user behavior patterns to identify potential malicious insider activities or account compromises
• Conduct investigations into suspicious employee activities, unauthorized access attempts, and data exfiltration


• Incident Response & Forensics
• Lead incident response efforts for security breaches, fund theft attempts, and system compromises
• Conduct digital forensics investigations on cryptocurrency-related security incidents
• Coordinate with law enforcement, regulatory bodies, and external security firms during major incidents
• Develop and maintain incident response procedures specific to cryptocurrency exchange operations
• Create post-incident reports and recommendations for security improvements

Required Qualifications:

• Technical Skills
• Experience: Minimum 5+ years in SOC operations, preferably in financial services or cryptocurrency exchanges
• Certifications: CISSP, GCIH, GCFA, GNFA, GCTI, CEH, or equivalent security certifications required
• SIEM Expertise: Advanced proficiency with SIEM platforms (Sumo Logic, Splunk, QRadar, Sentinel, etc.)
• Threat Intelligence: Experience with threat intelligence platforms (MISP, ThreatConnect, Anomali) and frameworks (MITRE ATT&CK, Diamond Model)
• Programming/Scripting: Proficiency in Python, PowerShell, or similar languages for automation and analysis
• Cloud Security: Experience securing cloud infrastructure (AWS, Azure, GCP) and container environments

Preferred Qualifications:

• Additional certifications: CISSP, CISM, GCTI, GCFA, CEH, or cryptocurrency-specific certifications
• Experience with insider threat analysis tools and methodologies (Securonix, Exabeam, Splunk UBA, Microsoft Sentinel UEBA)
• Background in behavioral analytics, user activity monitoring, and privileged access management