Security Engineer (Data Centers)
Role in brief
Galaxy Digital seeks a Security Engineer to manage and automate security operations for their data centers. This role involves threat monitoring, incident response, and optimizing security tools. Candidates with strong scripting skills and experience in SOC environments, particularly with cloud and on-premise infrastructure security, will find this role a good fit.
About the role
This role centers on managing the Security Operations Center, which includes continuous monitoring, threat analysis, and responding to security incidents. A key part of the work involves investigating security breaches to determine their root causes and preparing detailed reports afterward. The engineer will also be responsible for streamlining security processes through automation, using scripting languages to improve efficiency.
The position requires configuring and fine-tuning various security tools such as SIEM, SOAR, IDS/IPS, EDR, XDR, and DLP systems. This involves analyzing logs, network traffic, and system behavior to identify potential threats. Collaboration is essential, as the Security Engineer will work closely with IT, DevOps, and other security teams to ensure a cohesive security posture across the organization.
Success in this role means effectively protecting data centers from threats, efficiently responding to incidents, and continuously improving security operations through automation and tool optimization. The ideal candidate will bring experience in leading or participating in SOC activities, a solid understanding of network protocols, and familiarity with both Windows and Linux environments, along with DevOps practices.
The annual salary for this position ranges from $130,000 to $180,000, complemented by additional bonuses.
Skills that matter here
- Python: This role uses Python for automating security tasks and developing scripts to enhance operational efficiency.
- PowerShell: PowerShell is utilized for scripting and automating security processes, especially within Windows environments.
- Bash: Bash scripting is applied for automating tasks and managing security operations in Linux and Unix-like environments.
- SIEM: The engineer will configure and optimize SIEM systems like Splunk, ELK, and SumoLogic for security monitoring and analysis.
- AWS: Experience with AWS is required for securing cloud infrastructure and understanding cloud-specific security challenges.
- CrowdStrike: This role involves configuring and working with CrowdStrike for Extended Detection and Response (XDR) capabilities.
Who this role suits
- A person who thrives on investigating security incidents to uncover root causes and implement lasting solutions.
- Someone who enjoys automating repetitive tasks and has a strong aptitude for scripting to improve security operations.
- An individual who excels at collaborating with diverse technical teams to build and maintain robust security defenses.
- A candidate with a solid background in Security Operations Centers, comfortable with both proactive monitoring and reactive incident response.
From the employer
Responsibilities
- Manage SOC: monitoring, analysis, and response to threats
- Incident investigation, root-cause analysis, and post-incident reporting
- Automate security tasks (Python, PowerShell, Bash)
- Configure and optimize SIEM, SOAR, IDS/IPS, EDR, XDR, DLP
- Analyze logs, network traffic, and system behavior
- Collaborate with IT, DevOps, and security teams
Requirements
- Experience in SOC (leading or participating)
- Strong scripting skills (Python, PowerShell, Bash)
- Configuration of on-prem firewall (Palo Alto)
- Experience with VMware, AWS, Azure
- SIEM: Splunk, ELK, SumoLogic; XDR: Cortex, CrowdStrike
- Understanding of network protocols, Windows/Linux
- CI/CD, Git, DevOps practices
- Excellent communication skills
Conditions
- Competitive base salary + bonus
- Flexible Time Off (unlimited paid time off)
- 11 paid holidays, paid sick leave
- Medical insurance for employees, partners, and dependents
- 3% 401(k) from the company
- Generous Parental Leave
- Free coaching sessions (Ginger)
- Opportunity to learn in the field of Crypto and Data Centers
- Smart, entrepreneurial colleagues, Employee Resource Groups
Questions about this role
What is the remote work policy for this position?
This is a fully remote position, allowing candidates to work from any location.
What level of experience is expected for this role?
The role requires experience in a Security Operations Center, either leading or participating, along with strong scripting skills and familiarity with various security tools and cloud platforms.
How do I apply for this job?
The job posting does not include specific application instructions, but typically you would apply through the company's career portal or the platform where the job was listed.