Job details

Security Operations Engineer (f/m)

We're making the world of digital assets accessible and secure for everyone. Join the mission.

Founded in 2014, Ledger is the global platform for digital assets and Web3. Over 25% of the world’s crypto assets are secured through our Ledger Nanos. Headquartered in Paris and Vierzon, with offices in the UK, US, Switzerland and Singapore, Ledger has a team of more than 700 professionals developing a variety of products and services to enable individuals and companies to securely buy, store, swap, grow and manage crypto assets – including the Ledger hardware wallets line with more than 7 millions units already sold in 200 countries.

At Ledger, we embody the values that make us unique: Pragmatism, Audacity, Commitment, Trust and Transparency. Hear from our employees how they shape the work we do here.

Your mission

Ledger is seeking a Security Operations Engineer with experience in scale-up environments and an interest in Web3 and blockchain security.
In this role, you will contribute to detecting and mitigating threats across Ledger's infrastructure, managing SaaS security tools, and conducting threat-hunting activities. While some collaboration on blockchain-related risks will occur with the Donjon (Product Security Team), the primary focus is on operational security, including threat detection, automation, and incident response.
This is an excellent opportunity to secure a fast-paced, SaaS-heavy environment while engaging with innovative Web3 technologies.

In this role you will:

Security Monitoring & Incident Response: Monitor and analyze security events using tools like Sekoia (SIEM) and SentinelOne (EDR) to identify and mitigate threats effectively. Develop and refine detection logic, including Indicators of Compromise (IOCs), to improve threat visibility and detection. Lead incident response activities, ensuring swift containment and remediation of threats.
Threat Hunting: Proactively hunt for threats across SaaS and cloud environments, identifying malicious behaviors or advanced persistent threats (APTs).Integrate Cyber Threat Intelligence (CTI) and OSINT into threat-hunting processes to anticipate and mitigate risks.
SaaS and IAM Security: Manage and secure SaaS applications, including Google Workspace, and implement best practices for IAM systems like OKTA. Strenghten access policies, monitor user activity, and mitigate IAM-related security risks.
Blockchain Collaboration: Work with the Donjon (Product Security Team) to provide operational support for blockchain-related risks, such as integrating relevant detection logic into SIEM or responding to specific blockchain-related incidents. This collaboration complements your primary responsibilities and allows you to engage with Web3 threats without being the primary owner of these risks.
Automation and Efficiency: Implement security automation workflows using GitHub Actions or similar tools to streamline detection, triage, and response processes.
Vulnerability Management: Monitor and prioritize vulnerabilities using tools like Wiz and SBOM registries, ensuring timely remediation across SaaS and cloud environments.
Collaboration & Documentation: Collaborate with Threat Intelligence, Engineering, and Product Security teams to align and enhance security practices/ Document playbooks, detection rules, and threat-hunting methodologies to ensure operational efficiency and knowledge sharing.

What we’re looking for:

Professional Experience: 3+ years of experience in security operations, preferably in scale-up environments. Familiarity with Web3 and blockchain security risks, with an understanding that blockchain-specific efforts will involve collaboration with the Donjon team.
Technical Skills: Hands-on experience with SIEM tools (e.g., Sekoia) and detection logic development. Proficiency in EDR platforms (e.g., SentinelOne) and threat-hunting methodologies, including IOC management. Strong knowledge of SaaS security tools (e.g., Google Workspace) and IAM systems (e.g., OKTA). Experience with vulnerability management tools like Wiz and cloud security best practices.
Soft Skills: Strong analytical and problem-solving abilities with a proactive approach to security challenges. Clear and effective communication skills for collaboration with cross-functional teams.A passion for learning and knowledge sharing.

What's in it for you:

Equity: Employees are the foundation of our success, and we award stock options so you can share in that success as we grow.
Flexibility: A hybrid work policy.
Social: Annual company outing for Ledgerdary Days, plus frequent social events, snacks and drinks
Medical: Comprehensive health insurance policy offering extensive medical, dental and vision care coverage.
Well-being: Personal development, coaching & fitness with our dedicated partners.
Vacation: Five weeks of paid leave per year, in addition to national holidays and rest & relaxation (RTT) days.
High tech: Access to high performance office equipment and gadgets, including Apple products.
Transport: Ledger reimburses part of your preferred means of transportation.
Discounts: Employee discount on all our products.

We are an equal opportunity employer for all without any distinction of gender, ethnicity, religion, sexual orientation, social status, disability or age.

Ledger Glassdoor Company Review

3.9

Ledger DE&I Review

4.2

CEO of Ledger

Pascal Gauthier

Approve of CEO

Average salary estimate

$80000 / YEARLY (est.)

min

max

$70000K

$90000K

If an employer mentions a salary or salary range on their job, we display it as an "Employer Estimate". If a job has no salary data, Rise displays an estimate if available.

What You Should Know About Security Operations Engineer (f/m), Ledger

Are you ready to take your career to the next level as a Security Operations Engineer at Ledger in Paris? We're on a mission to make the world of digital assets accessible and secure for everyone, and we need your expertise to help us thrive in this fast-paced, innovative environment. With over 25% of the world’s crypto assets secured through our Ledger Nanos, our team of more than 700 professionals is dedicated to developing cutting-edge products and services. In this role, you'll get the chance to monitor and analyze security events using powerful tools like Sekoia and SentinelOne, while also engaging in proactive threat hunting across our SaaS and cloud environments. Your skills in vulnerability management will help us prioritize and remediate risks effectively. Not only will you collaborate with our dedicated Product Security Team, Donjon, to address blockchain-related threats, but you'll also get to implement automation workflows to enhance our security response processes. With a strong focus on operational security, your role will be essential in detecting threats and ensuring our infrastructure remains robust and secure. If you have at least 3 years of experience in security operations, familiarity with Web3 technologies, and a passion for problem-solving and collaboration, then Ledger is the perfect place for you to grow your career while making a big impact. Join us, and let's secure the future of digital assets together!

Frequently Asked Questions (FAQs) for Security Operations Engineer (f/m) Role at Ledger

What does a Security Operations Engineer do at Ledger?

As a Security Operations Engineer at Ledger, you will play a critical role in monitoring security events, conducting threat detection, and managing incident responses within our infrastructure. Your responsibilities include using SIEM tools like Sekoia for detecting threats, conducting proactive threat hunting, and collaborating with the Donjon team on blockchain-related risks, all while ensuring the security of our SaaS applications.