Chainalysis is hiring a Blockchain Security Software Engineer

Chainalysis is looking for a Blockchain Security Software Engineer to join the Hexagate team. You will build cybersecurity products that protect on-chain and web3 assets by analyzing threats and constructing real-time detection systems.

What You'll Do

• Track real threats by analyzing active attack patterns, including wallet compromise, laundering flows, phishing-driven drains, and malicious contract interactions.
• Build detections by turning attacker behavior into monitors using our internal monitoring language (DSL), heuristics, and model signals.
• Validate and tune detections by measuring precision/recall, reducing false positives, and hardening against evasion.
• Operationalize fast by working with engineers to ship detections into production safely through testing, rollout, monitoring, and rollback.
• Drive coverage by identifying gaps, proposing new signals, and expanding detection logic across chains and assets.
• Partner closely with product and engineering teams to align detections with customer workflows and response actions.

What We're Looking For

• Strong understanding of blockchain fundamentals: transactions, token standards, address behavior, bridges, MEV/basic mempool concepts, and common attacker playbooks.
• Experience in an adversarial domain (security, fraud, abuse, risk) and comfort reasoning about evasive behavior.
• Ability to go from a “threat story” to a production detection: signal selection, thresholds, edge cases, and validation.
• Strong Python skills and comfort working with data, including queries, datasets, and analysis.
• Clear communication and strong collaboration habits.

Nice to Have

• Experience investigating on-chain incidents or building detection rules.
• Familiarity with anomaly detection, graph heuristics, or statistical modeling.
• Experience working with real-time pipelines or streaming systems.
• Experience writing detections in a DSL or rules engine.

Technical Stack

• Python, Rust/Go, Kubernetes, AWS
• Grafana, Pulumi, NATS
• PostgreSQL, Redis, S3

Work Mode

This is a global position open to candidates in Denmark, the UK, Canada, the USA, and Israel.

Chainalysis is inspired by solving the hardest technical challenges and creating products that build trust in cryptocurrencies. We believe that diversity of experience and thought makes us stronger and are committed to ensuring our team reflects the unique communities around us.