Senior Threat Detection & Response Engineer

The Company

Swan is the leading education focused Bitcoin-only onramp for retail customers, high net worth individuals and corporations looking to save in Bitcoin for the long term. We hire passionate Bitcoiners who want to work with a self-motivated and fully distributed startup team.

The Role

Swan is looking for Bitcoiners who are security minded builders and breakers! If you geek out on everything security related and like working with a passionate team of Bitcoiners that only care about doing what’s right for Bitcoin, you’ll be at home here.

This person will be responsible for creating the tooling and infrastructure that drives our detection and response pipelines. You will work closely with teams across the company to provide foundation tooling to scale detections across all environments.

As a member of our Threat Detection and Response team, you’ll be responsible for ensuring we have the proper visibility, detections, and operations to protect Swan Bitcoin, our customers and our ecosystem. You will work partner with engineering teams to to understand Swan Bitcoin’s attack surface and turn detections into preventions.

Skills and experience that will help you succeed:

• Experience with AWS, Datadog, secure data ingestion and Incident Response (IR) process development and execution
• Expertise in a broad range of security technology such as EDR, Network Traffic Analysis, Email Security Gateway, SASE, public cloud security, etc.
• 2+ years of experience in Tier 2 or Tier 3 Incident Response (IR) using data analytics and system forensics in production and corporate environments
• Well versed in the latest adversary techniques, attack lifecycle, and incident response procedure
• Incorporating public detections, community research, internal assessment results, and available threat intelligence into the team's overall detection capabilities
• Proficient in security monitoring, log analysis and detection building from large datasets to automate Incident detection and response processes
• Experience “threat hunting,” i.e. using threat intel to proactively and iteratively investigate potential risks and finding suspicious behavior in the network
• Review the latest alerts to determine relevancy and urgency
• Design, build and manage security monitoring and alerting tools

Here's a bit about our culture:

• We’re a small but growing team: Fully distributed across the world, Slack and video conferencing are huge here.
• We’re very flat: Leadership is desired and encouraged, we hire people who care about the product they are working on.
• We’re Bitcoiners: We find solutions that encourage Bitcoin principles. Many of us pull double duty alongside our main job, produce content for the Swan Signal blog or live show, and spend some of the day on Twitter educating the masses. We love Bitcoin, and it comes through in our daily chats, meetings, and actions.

Join us, become a Swan!