Apply on Employer Site

Chainway Labs · 6 hours ago

SecOps Engineer

United States

Full-time

Remote

Entry, Mid Level

1+ years exp

Chainway Labs is seeking a SecOps Engineer to join their team at Citrea, focused on securing on-chain finance with Bitcoin. The role involves daily operational security tasks, including incident response, security monitoring, and automation of security operations.

BlockchainCryptocurrencyWeb3

Responsibilities

Participate in the incident rotation (on-call / responder schedule as defined by the team)

Triage and escalate security alerts (SIEM/EDR/cloud/app signals)

Assist with incident handling: evidence collection, timeline building, containment steps, comms notes, and post-incident action tracking

Maintain and improve incident runbooks, checklists, and escalation paths

Administer and support security tools such as: SIEM / log pipelines (basic rule tuning, alert routing, dashboards, integrations)

EDR policy checks and operational maintenance (triage, device status follow-ups)

Password manager support (onboarding/offboarding, policy enforcement, recovery flows)

Security training platform administration (campaigns, enrollment, reporting)

Improve signal quality: reduce noise, identify monitoring gaps, ensure coverage for critical systems

Participate in internal control routines (periodic checks, evidence collection, documentation updates)

Help with access control audits (reviews, recertification cycles, exception tracking)

Maintain systems inventory / asset tracking (services, owners, environments, criticality tags)

Help operate the bug bounty program: initial triage, reproduction, severity suggestions, routing to engineering, tracking fixes to closure

Support brand protection mechanisms: phishing/impersonation monitoring, takedown workflows, domain/social monitoring, basic investigations

Write and maintain simple scripts (Python and/or Bash preferred) to automate repetitive security ops tasks (enrichment, reporting, inventory sync, alert deduping, API pulls)

Build small integrations between tools (webhooks, Slack/Telegram notifications, ticket creation)

Qualification

Security OperationsScripting (Python/Bash)Incident ResponseSIEM ExperienceCloud SecurityLinux/macOS/Windows BasicsCommon Security ConceptsEnglish Proficiency

Required

English proficiency (you will write incident notes, procedures, and communicate in English daily)

Ability to write simple scripts (Python and/or Bash) and work with APIs/JSON

1–3+ years in Security Operations / IT Ops / SysAdmin / SOC / DevOps with security responsibilities

Practical understanding of common security concepts: IAM basics, phishing/social engineering patterns, endpoint hygiene, logging/monitoring, incident triage

Comfortable with Linux/macOS/Windows basics and common SaaS admin consoles