← Zurück zur Liste
Stelle · Senior

Senior Security Operations Engineer

Security Engineer • Senior • Remote • Vollzeit • 📍 Paris

Join Ledger's Security Operations (SecOps) team, responsible for protecting Ledger's corporate, cloud, SaaS, and data center environments. As a Senior Security Operations Engineer, you sit at the heart of the SOC: you lead investigations end-to-end, manage the lifecycle of detections, dashboards, and automations, and continuously expand visibility across cloud, endpoints, identities, SaaS, and infrastructure. You also serve as a technical escalation point for junior analysts and contribute to Ledger's in-house Agentic SOC.

Responsibilities

  • Analyse, classify, and prioritise alerts from Splunk, CrowdStrike, Wiz, AWS, and other sources, and conduct in-depth investigations across endpoints, cloud, identities, SaaS, and infrastructure
  • Build and tune cloud detection use cases (AWS, IAM activity, EKS/Kubernetes, container workloads) and use Wiz to track and prioritise cloud exposure
  • Integrate and maintain log sources and improve data quality: completeness, parsing, normalisation, relevance, and usability
  • Design, write, and optimise Splunk queries and develop new detection use cases, reducing noise and improving signal quality
  • Lead incident response: gather evidence, reconstruct timelines, document actions, and monitor containment and remediation
  • Build and maintain automations (Torq/SOAR, scripts, APIs) and contribute to the design and continuous improvement of the internal Agentic SOC
  • Serve as an escalation point and technical resource for more junior analysts, reviewing their work and sharing knowledge

Requirements

  • Solid, proven experience in SecOps, SOC, cloud security, incident response, or infrastructure security, with a track record of building and improving SOC capabilities and conducting independent investigations
  • Strong, hands-on cloud security skills, ideally with AWS: investigating IAM and identity activity, analysing cloud audit logs (CloudTrail, GuardDuty), and securing workloads, containers, and Kubernetes (EKS)
  • Comfortable with exposure/CSPM tooling, ideally Wiz
  • SIEM experience, ideally Splunk, with the ability to write queries for investigation and detection; EDR, ideally CrowdStrike
  • Automation using Python, Bash, APIs, GitHub Actions, SOAR, or equivalent
  • Professional-level English

Nice to have

  • Interest in or experience with AI applied to security, agent-based workflows, and SOC automation

Soft skills

Diligence, independence, and technical curiosityAttention to detail and clear documentationAwareness of confidentiality and proper handling of sensitive information

What we offer

  • Hybrid policy allowing employees to work from home up to 3 times per week
  • Health and Life Insurance
  • Opportunity to become a shareholder in Ledger, plus further financial benefits depending on your country of work
  • Commuter allowance towards your preferred means of transportation
  • A comprehensive suite of training solutions providing a personalised learning experience

About the company

Ledger is a global platform for digital assets and Web3, securing over 20% of the world's crypto assets. Headquartered in Paris with offices worldwide, its roughly 600 professionals build products and services - including the Ledger hardware wallet line, with more than 7.5 million units sold in 200 countries - that let individuals and companies securely buy, store, swap, grow, and manage crypto assets.

Languages: Angol (professzionális szint)