SOC Manager

Focused on developing products and services for the digital assets sector, Bullish has rewired the traditional exchange to benefit asset holders, enable traders and increase market integrity. Supported by the group’s treasury, Bullish’s new breed of exchange combines deep liquidity, automated market making and industry-leading security and compliance to increase the accessibility of digital assets for investors. Bullish exchange is operated by Bullish (GI) Limited and is fully regulated in Gibraltar.Mission: To make trading with digital assets more rewarding and secure.​Vision: To be the most innovative, respected, and trusted leader in crypto.

Reports to:

Head of Security Engineering

Bullish is seeking someone highly experienced in Security Operations and Incident Response to join the SOC team. The successful candidate will act as the local manager for SOC analysts within the US and will be the primary escalation point for the region with the responsibility of Incident Manager.

The successful candidate will be expected to take part in the on-call rota to periodically provide cover for addressing any high and critical events outside normal working hours

This position reports to the Global Head of Security Operations based in Hong Kong.

This position is an on-site role, the successful candidate will work in our New York office.

Role & Responsibilities

• Provide supervision to SOC Analysts based in the US.

• Act as the primary escalation point for the region and perform the role of Incident Manager.

• Manage day to day activities of Bullish Security Operations Center (SOC) ensuring Service Level Objectives are met.

• Monitor and respond to security incidents, perform containment and forensic investigations.

• Coordinate with various teams across the organization for security incident response.

• Identify gaps from incidents and recommend controls for improvement.

• Develop and maintain incident playbooks and SOPs.

• Develop detection use cases in SIEM.

• Analyze security event data for proactive threat hunting.

• Conduct research on latest threats and vulnerabilities to improve incident response readiness and capabilities.

• Organize or take part in Tabletop and Red/Purple team exercises to improve the organization's incident response readiness.

• Update policies and procedures as needed to ensure compliance with regulatory requirements.

Experience & Qualifications

• 5+ years of verifiable experience in Security Operations and Incident Response.

• Experience in performing the role of an Incident Manager.

• Experience in performing analysis with SIEM technologies such as Splunk and / or Google Chronicle.

• Experience in performing proactive and reactive threat hunting using MITRE ATT&CK or similar frameworks.

• Understanding and working knowledge of security controls/tools such as host-based and network-based IDS/IPS, WAF, EDR, etc.

• Understanding of networking protocols, operating systems and cyber security concepts and technologies.

• CISSP, CISM, GCIA, GCIH, GCFE, GCFA, GREM, Splunk Power User or similar certifications are highly advantageous.

• Other security certification from recognized bodies is a plus.

• Experience in forensic tools and malware analysis is a plus.

• Experience with Cloud environments such as AWS and GCP is a plus.

• Ability to work across different regions in a process/procedure driven organization.

• BS/BA degree in Cyber Security/Computer Science or equivalent combination of related work experience desired.

• Excellent verbal and written presentation skills with a proficiency

Annual Base Salary

• US$157,120 to US$214,281

Bullish is proud to be an equal opportunity employer. We are fast evolving and striving towards being a globally-diverse community. With integrity at our core, our success is driven by a talented team of individuals and the different perspectives they are encouraged to bring to work every day.