Summary

As a Security Engineer on the Polygon Labs SecOps team, you’ll play a critical role in protecting core infrastructure across both Web2 and web3 environments. This is a rare opportunity to join a highly technical and collaborative team working on the front lines of blockchain and cloud security. You’ll be working in a high-stakes environment, supported by a globally distributed security team that shares operational responsibility, 24/7, around the clock.

You’ll own a wide range of operational security initiatives - from real-time threat detection to custom web3 infrastructure controls. If you're passionate about working in high-stakes environments, thrive on solving complex challenges, and want to shape the next generation of security in web3, we’d love to have you on board.

Your Responsibilities

1. Lead and evolve SIEM operations: manage log feeds, fine-tune detection rules, and respond to real-time threats using Datadog SIEM, EDR, and on-chain monitoring tools.
2. Drive key web3 security initiatives including multisig controls, signer access, attestations, and audit processes.
3. Develop and enforce operational security best practices across Web2 and web3 systems.
4. Collaborate cross-functionally to secure cloud infrastructure environments (GCP) and web-facing services.
5. Build and maintain automation for tooling, alerting, vulnerability scanning, and compliance workflows.
6. Conduct internal security audits and support third-party risk assessments to continuously strengthen our infrastructure.
7. Contribute to secure infrastructure-as-code practices, even if not directly managing Terraform pipelines.

What You'll Need

1. 2 - 5 years of experience in security operations, with exposure to both traditional cloud environments and web3 technologies.
2. Hands-on experience with incident response, SIEM platforms, and endpoint detection and response (EDR) tools.
3. Strong understanding of blockchain security concepts: smart contract risks, multisig wallets, and on-chain monitoring.
4. Proficiency with GCP security principles and tooling. DevOps experience is a plus.
5. Programming experience in Python, TypeScript/JavaScript for automation and monitoring use cases. Knowledge of Solidity is a plus.
6. Excellent collaboration, communication, and problem-solving skills - along with a high sense of ownership and adaptability in a fast-moving industry.

Preferred Qualifications

1. Familiarity with security frameworks such as CIS Controls, ISO 27001, SOC 2, NIST CSF, or MITRE ATT&CK.
2. Foundation security certifications such as CompTIA (e.g. Linux+, Security+) expected. CompTIA CySA+, GIAC (e.g., GCIH, GCIA), or GCP Security Specialty preferred. Additional certifications like Datadog Fundamentals are a plus.
3. Exposure to web3 security certifications (e.g., CryptoConsortium C4) is a plus.

Skills

• Communications Skills
• Problem Solving
• Python
• Team Collaboration
• TypeScript