Sydney / Remote; Japan / Remote; Remote Remote (Global) Employment

Chainlink Labs is hiring a Security Response Engineer, Incident Response

Requirements

Proven incident response leadership: experience as the primary incident commander for high‑severity security incidents involving multiple teams and external stakeholders, and can independently manage incident timelines, decisions, and communications
Operational rigor and investigation depth: demonstrated experience with triage, scoping, containment, and remediation across endpoint, cloud, and/or network based incidents; drives root‑cause analysis and post-incident action items to completion.
Experience in macOS-heavy environments: has secured and operated a predominantly macOS endpoint fleet: deploying / managing endpoint controls, telemetry collection, and performing investigations on macOS systems.
Collaborative, straightforward communicator: writes clear incident updates and summaries; can explain risk, impact, and trade‑offs to both technical and non‑technical stakeholders; builds trust with partner teams during high-pressure situations; comfortable handling the regular communication cadence of an incident
Detections experience: ability to create and refine detections based on investigations and threat intelligence
Previous coding experience (Python, Go, Rust, or similar): scripting for data parsing/enrichment and simple automations

Nice to Have

Prior success in remote-first environments.
Experience with detections‑as‑code (Sigma) development and workflows.
Domain experience with blockchain/Web3 threats.
Open-source contributions to security related projects.

Work Arrangement

Remote (Worldwide)

Additional Information

All roles with Chainlink Labs are global and remote-based. Unless otherwise stated, we ask that you try to overlap some working hours with Eastern Standard Time (EST).
We carefully review all applications and aim to provide a response to every candidate within two weeks after the job posting closes. The closing date is listed on the job advert, so we encourage you to take the time to thoughtfully prepare your application. We want to fully consider your experience and skills, and you will hear from us regarding the status of your application shortly after the closing date.

Required Skills

triagescopingcontainmentremediation across endpointcloud/or network based incidentsmacOS-heavy environmentsdetectionsblockchain/Web3 threats. triagescopingcontainmentremediation across endpointcloud/or network based incidentsmacOS-heavy environmentsdetectionsblockchain/Web3 threats.

Scaling your freelance income?

Invoice multiple clients effortlessly

Managing 3+ international clients? Glopay streamlines everything. One EU company, unlimited invoices, automatic compliance. You just send and get paid.

Unlimited clients & invoices

Multi-currency support

Automated tax compliance

Client portal for easy payments

Scale with Glopay

Trusted by 10,000+ freelancers

About company

Chainlink is the industry-standard oracle platform bringing the capital markets onchain and powering the majority of decentralized finance (DeFi). The Chainlink stack provides the essential data, interoperability, compliance, and privacy standards needed to power advanced blockchain use cases for institutional tokenized assets, lending, payments, stablecoins, and more. Chainlink leverages a novel fee model where offchain and onchain revenue from enterprise adoption is converted to LINK tokens and stored in a strategic Chainlink Reserve.

All jobs at Chainlink Labs Visit website

Job Details

Department Security

Category security

Posted 4 months ago