About the company
Founded in Paris in 2014, LEDGER is a global platform for digital assets and Web3. Ledger is already the world leader in Critical Digital Asset security and utility. With more than 6M devices sold to consumers in 200 countries and 10+ languages, 100+ financial institutions and brands as customers, 20% of the world’s crypto assets are secured, plus services supporting trading, buying, spending, earning, and NFTs. LEDGER’s products include: Ledger Stax, Nano S Plus, Nano X hardware wallets, LEDGER Live companion app, [ LEDGER ] Market, the world’s first secure-minting and first-sale distribution platform, and Ledger Enterprise. With its ease of use, LEDGER allows a user to begin investing in digital assets and ultimately, achieve financial freedom in a safe and stress-free environment.
Job Summary
Your mission
📍 Ledger is seeking a Security Operations Engineer with experience in scale-up environments and an interest in Web3 and blockchain security. In this role, you will contribute to detecting and mitigating threats across Ledger's infrastructure, managing SaaS security tools, and conducting threat-hunting activities. While some collaboration on blockchain-related risks will occur with the Donjon (Product Security Team), the primary focus is on operational security, including threat detection, automation, and incident response. This is an excellent opportunity to secure a fast-paced, SaaS-heavy environment while engaging with innovative Web3 technologies.
In this role you will:
📍 Security Monitoring & Incident Response: Monitor and analyze security events using tools like Sekoia (SIEM) and SentinelOne (EDR) to identify and mitigate threats effectively. Develop and refine detection logic, including Indicators of Compromise (IOCs), to improve threat visibility and detection. Lead incident response activities, ensuring swift containment and remediation of threats.
📍 Threat Hunting: Proactively hunt for threats across SaaS and cloud environments, identifying malicious behaviors or advanced persistent threats (APTs). Integrate Cyber Threat Intelligence (CTI) and OSINT into threat-hunting processes to anticipate and mitigate risks.
📍 SaaS and IAM Security: Manage and secure SaaS applications, including Google Workspace, and implement best practices for IAM systems like OKTA. Strengthen access policies, monitor user activity, and mitigate IAM-related security risks.
📍 Blockchain Collaboration: Work with the Donjon (Product Security Team) to provide operational support for blockchain-related risks, such as integrating relevant detection logic into SIEM or responding to specific blockchain-related incidents. This collaboration complements your primary responsibilities and allows you to engage with Web3 threats without being the primary owner of these risks.