Art Blocks has an opening for a Security Operations Engineer who is excited about digital ownership, generative art, and resilient systems. We are looking for a Security Operations Engineer with strong communication and analytical skills to help us improve and expand how we secure our endpoints, monitor our systems, and refine the processes that enable us to build great products. In this engineering role, you will be a key contributor to our roadmap while driving innovative and scalable detection / response solutions.

You’ll join a small but growing team that is designing, implementing, and validating Art Blocks’ security and privacy posture for our distributed team and our global customers. We partner closely with Product & Engineering to provide support & guidance to build resilient and scalable systems that bake security into our systems across the company.

This position is a remote position – we’re looking for the best candidates to join our team regardless of location in the United States.

Potential Projects

• • In this role, you’ll be designing, implementing, and maintaining systems to help us operationalize our security in a way that makes it easy to make the secure decision.
  • You’ll stay on top of evolving threat intelligence & vulnerability data to help Art Blocks respond to active and potential threats.
  • Expand and refine how we manage endpoints by identifying gaps, opportunities, and developing solutions that meet the needs of our growing organization.
  • Orchestrate and monitor our systems to detect & respond to threats
  • Analyze our risk and work with multiple teams to uplevel our data management practices
  • Enable instrumentation and monitoring of our products and services through individual and collaborative efforts
  • Actively contribute to our vulnerability management program by aligning our monitoring and mitigation efforts align with known vulnerabilities
  • Research and test new technologies that can improve our security posture.

Responsibilities

• • Build, operate, and maintain monitoring, detection, and reporting systems
  • Document best practices and train employees on new ways of working
  • Analyze our systems to identify opportunities to build defense in depth and deliver next steps that solve today’s problem while planning for scale in the future
  • Collaborate with other engineers and stakeholders to deliver on reliable services, APIs and other critical systems as needed

Base Requirements

• • • We hire talented and motivated people from a variety of backgrounds because we want our team to reflect the world. If you’re excited about this role, but your past experience doesn’t align perfectly with every bullet point listed here, we still encourage you to apply. If you’re a creative, action-oriented problem solver, who wants to build great products, we want to hear from you.
    • Security expertise & experience →  You have experience building tooling and systems that secure and monitor cloud environments. You can contribute to our codebase to raise the bar on security systems, tooling design, and cloud infrastructure.
    • Monitoring and response → You have experience with vulnerability or attack frameworks and have used them to identify and mitigate gaps. You are comfortable playing multiple roles throughout the incident response lifecycle.

• • 2+ years of experience as an engineer in software, security, SRE, IT, or similar role
  • 2+ years working in security operationsExperience designing and operationalizing security controls
  • Familiarity with modern cloud security stack
  • Experience with one or more object oriented programming language (e.g. Java, Python, etc.).
  • Solid problem solving and communication skills that you’ve honed by collaborating across teams in prior roles.
  • Ability to navigate ambiguity and map a path towards sustainable, elegant solutions.

Tech Stack

• • Your experience with our specific technical stack (or any specific stack) is of secondary importance to us. We care much more about finding candidates who have solid fundamentals, general aptitude, a desire to learn, and are compassionate and collaborative people to work with. We understand that it will take time to ramp up and are excited to consider non-traditional candidates who are excited about what we are building. That said, we’re excited about the technology we’re building. Our tech and productivity stack includes usage of:
  • Next.js
  • React
  • Node.js
  • Typescript
  • GraphQL
  • Hasura
  • The Graph
  • Vercel
  • Solidity
  • Infura, Alchemy
  • Popular web3 libraries (ethers.js, web3.js)
  • AWS
  • Github
  • Notion