Veda Labs.
An AI platform for retailers and other businesses to navigate through the COVID era with its superior technology.
Detection & Response Engineer
Location
United States
Posted
8 days ago
Salary
Not specified
English, AWS, Azure, Cloud, Flash, Google Cloud Platform, Kubernetes, Oracle, Python, Rust, Solidity, Splunk, Web3, Go
Job Description
• You will own the Detection & Response (D&R) function across our hybrid Web2+Web3 environment.
• From designing high-fidelity detections to orchestrating rapid incident containment, both on-chain and off, you will be at the forefront of protecting a fast-moving DeFi platform.
• Detection Engineering: Design, build, and continuously tune detection pipelines for cloud, container, and blockchain telemetry (AWS/GCP logs, K8s events, on-chain data streams).
• Maintain real-time monitoring using SIEM/XDR solutions.
• Integrate blockchain-specific monitoring tools (e.g. Hypernative, Hexagate, etc.) with cloud-native telemetry.
• Response Automation: Build SOAR workflows and automated containment playbooks.
• Implement on-chain transaction guardrails and automated policy enforcement for suspicious smart-contract activity.
• Incident Management: Lead incident lifecycle end-to-end: triage, scope, containment, eradication, recovery, and post-mortems.
• Conduct blockchain forensics, smart-contract incident analysis, and Web2 investigations.
• Threat Hunting & Purple Teaming: Proactively identify emerging TTPs by mining multi-source telemetry.
• Partner with other engineers to simulate attack scenarios, including DeFi-specific threats (MEV exploitation, oracle manipulation, re-entrancy, governance takeovers).
• Security Architecture & Collaboration: Partner with DevOps, Backend, and Smart Contract teams to integrate detection logic into pipelines.
• Conduct security design reviews for new features, focusing on both application logic and blockchain protocol risks.
• Influence secure-by-default engineering practices across Web2 and Web3 stacks.
Job Requirements
- 5+ years of combined experience in Security Operations, Incident Response, or SRE with a strong DevSecOps mindset.
- Strong understanding of cloud-native (AWS/GCP/Azure) and containerized infrastructure (K8s, ECS, etc.) including workload security.
- Proven experience managing modern detection stacks (Elastic, Splunk, Panther, Chronicle, or equivalents) and IaC-driven deployments.
- Hands-on with container & K8s security: admission controller policies, runtime hardening, image scanning, network policies.
- Hands-on Kubernetes and container security (OPA Gatekeeper/Kyverno, Falco, runtime hardening, network segmentation, image scanning, etc.).
- Proficient in at least one production-grade programming language (Python, Go, Rust) with a track record of automated security tooling.
- SOAR platform integration experience with demonstrated ability to transform log data into automated containment actions.
- Familiarity with blockchain-specific security monitoring tools and workflows.
- Understanding of DeFi-specific attack vectors such as flash-loan exploits, cross-chain bridge attacks, MEV, governance exploits, and protocol-level vulnerabilities.
- Working knowledge of Solidity, smart-contract testing frameworks (e.g., Foundry, Hardhat), and secure development patterns.
- Familiarity with MITRE ATT&CK (Enterprise + DeFi mappings), threat modeling methodologies, and purple-team collaboration frameworks.
- Experience implementing zero-trust architectures, modern identity & access management, and secrets management best practices.
- Nice-to-Have:
- Experience in digital asset custody security, wallet infrastructure, and multi-sig/threshold signature systems.
- Experience with anomaly detection/ML-based detection systems in a security context.
Benefits
- Health Coverage
- Flexible Time Off
- Remote-First by Design
- Parental Leave
- Learning & Development