Staff SOC/CSIRT Engineer (f/m)

Posted 19 Days Ago
Paris, Île-de-France
Hybrid
Senior level
Software • Web3
The Role
The Staff SOC/CSIRT Engineer will lead SOC Level 3 activities, specializing in advanced incident response, threat detection, and analysis. They will optimize SIEM and SOAR processes, leverage threat intelligence for enhanced security measures, and oversee cloud security operations, ensuring effective monitoring and swift incident management across Ledger's infrastructure.
Summary Generated by Built In

We're making the world of digital assets accessible and secure for everyone. Join the mission. 


Founded in 2014, Ledger is the global platform for digital assets and Web3. Over 15% of the world’s crypto assets are secured through our Ledger Nanos. Headquartered in Paris and Vierzon, with offices in the UK, US, Switzerland and Singapore, Ledger has a team of more than 600 professionals developing a variety of products and services to enable individuals and companies to securely buy, store, swap, grow and manage crypto assets – including the Ledger hardware wallets line with more than 5 million units already sold in 180 countries.

At Ledger, we embody the values that make us unique: Pragmatism, Audacity, Commitment, Trust, and Transparency.


Ledger is seeking a Staff SOC/CSIRT Engineer with extensive expertise in Security Operations Center (SOC) Level 3 activities. As part of Ledger's Security Operations Center (SecOps), you will join a dedicated team responsible for protecting company assets against cyber threats across cloud, corporate, and datacenter environments. The SecOps team's core mission encompasses threat anticipation, detection, and prevention throughout Ledger's infrastructure, operating independently from the Donjon team which handles product security.


This role focuses on advanced security operations, including the optimization of Sekoia (SIEM), SOAR processes, and the use of CTI and OSINT to enhance detection and response capabilities. As a key technical expert, you will handle complex incidents, optimize security toolsets, and lead proactive threat-hunting initiatives. This position is an individual contributor role designed for those with deep technical skills and a passion for elevating operational security excellence through comprehensive monitoring and incident management.

The mission

  • SOC Level 3 Expertise: Act as the primary responder for SOC Level 3 activities, managing advanced threat detection, incident response, and post-incident analysis. Conduct proactive threat-hunting exercises leveraging CTI (Cyber Threat Intelligence) and OSINT (Open Source Intelligence) to identify and mitigate risks before they impact the organization.
  • SIEM & SOAR Optimization: Design, optimize, and maintain Sekoia (SIEM) and associated SOAR workflows to ensure efficient threat detection, triage, and response processes. Develop advanced detection rules and automation workflows tailored to Ledger's threat landscape.
  • Threat Intelligence Integration: Leverage CTI feeds and OSINT tools to enrich security operations, improving situational awareness and incident response effectiveness. Provide insights from threat intelligence to shape detection strategies and inform security posture improvements.
  • Cloud Security Operations: Apply deep knowledge of AWS security best practices to monitor and secure cloud environments. Utilize tools like Wiz for CSPM (Cloud Security Posture Management) and CNAPP to ensure proactive identification and mitigation of cloud vulnerabilities.
  • Incident Response & Forensics: Lead technical investigations for high-priority incidents, performing root cause analysis and recommending mitigations to prevent recurrence. Use advanced forensic tools and techniques to analyze and respond to complex attacks.
  • Collaboration & Documentation: Work closely with Engineering, Infrastructure, and Security Operations teams to align operational practices with organizational goals. Create detailed playbooks, detection rules, and technical runbooks to enhance team knowledge and response efficiency.

What we're looking for

  • 9+ years of experience in security operations, including SOC Level 3 activities and incident response.
  • Expertise with Sekoia (or similar SIEM tools), SOAR platforms, and CTI/OSINT methodologies.
  • Strong knowledge of AWS security, including IAM, VPC configurations, and cloud-native threat monitoring.
  • Hands-on experience with tools such as Wiz, SentinelOne (EDR), and GitHub Actions for automation.
  • Exceptional analytical and problem-solving skills, with the ability to handle complex security challenges.
  • Excellent communication skills for conveying technical concepts to cross-functional teams.

What's in it for you?

  • Equity: Employees are the foundation of our success, and we award stock options so you can share in that success as we grow.
  • Flexibility: A hybrid work policy.
  • Social: Annual company outing for Ledgerdary Days, plus frequent social events, snacks and drinks
  • Medical: Comprehensive health insurance policy offering extensive medical, dental and vision care coverage.
  • Well-being: Personal development, coaching & fitness with our dedicated partners.
  • Vacation: Five weeks of paid leave per year, in addition to national holidays and rest & relaxation (RTT) days.
  • High tech: Access to high performance office equipment and gadgets, including Apple products. 
  • Transport: Ledger reimburses part of your preferred means of transportation. 
  • Discounts: Employee discount on all our products.

We are an equal opportunity employer for all without any distinction of gender, ethnicity, religion, sexual orientation, social status, disability or age.



Top Skills

AWS
The Company
Paris
751 Employees
On-site Workplace
Year Founded: 2014

What We Do

Founded in Paris in 2014, LEDGER is a global platform for digital assets and Web3. Ledger is already the world leader in Critical Digital Asset security and utility. With more than 6M devices sold to consumers in 200 countries and 10+ languages, 100+ financial institutions and brands as customers, 20% of the world’s crypto assets are secured, plus services supporting trading, buying, spending, earning, and NFTs. LEDGER’s products include: Ledger Stax, Nano S Plus, Nano X hardware wallets, LEDGER Live companion app, [ LEDGER ] Market, the world’s first secure-minting and first-sale distribution platform, and Ledger Enterprise. With its ease of use, LEDGER allows a user to begin investing in digital assets and ultimately, achieve financial freedom in a safe and stress-free environment.

Headquartered in Paris and Vierzon, with offices in London, New York and Singapore, Ledger has a team of more than 900 professionals developing a variety of products and services to enable individuals and companies to securely buy, store, swap, grow and manage crypto assets – including more than 6 million devices already sold in 180 countries.

Ledger combines either Nano S Plus or Nano X and the Ledger Live app to offer consumers the easiest way to start their crypto journey while maintaining full control over their digital assets. With its ease of use, Ledger allows users to begin investing in digital assets and ultimately, achieve financial freedom in a safe and stress-free environment, with education provided by its Ledger Academy and Quest.

In addition to consumer products, Ledger has also developed Ledger Enterprise, a digital asset custody and security solution for institutional investors and financial players.
