Member of Technical Staff, Security Operations
Anchorage Digital · United States · 3 wk ago
RemoteRemoteEngineeringFull-time
Technical Skills
- Build and maintain security automation and tooling to detect vulnerabilities through static and dynamic analysis across code and live systems.
- Conduct application security assessments, penetration tests, and code reviews to identify high-risk security issues and provide secure development guidance.
- Develop and operate vulnerability management workflows, partnering with engineering teams to prioritize and remediate findings.
- Establish and test security guardrails for code, cloud resources, and infrastructure components throughout the Anchorage platform.
Complexity and Impact of Work
- Maintain security monitoring and response capabilities, leading investigation and containment efforts for security events and configuration anomalies.
- Manage the entire vulnerability lifecycle, from discovery to remediation, ensuring timely closure of findings.
- Lead or significantly contribute to Security Operations initiatives with minimal oversight, coordinating across team boundaries to drive projects to completion.
- Break down complex security problems into manageable workstreams with accurate scope and time estimates, presenting options clearly and providing well-reasoned priority recommendations.
- Deliver assurance artifacts and evidence for regulatory requirements, supporting audit and compliance efforts.
- Balance the speed of response with thoroughness of investigation, adapting the approach based on risk and business impact.
Organizational Knowledge
- Understand and help implement the company's security strategy by participating in planning and defining Security Operations goals aligned with Anchorage Digital's objectives.
- Stay informed about emerging threats, vulnerabilities, and industry trends that could affect the organization's security posture.
- Foster a security-first culture by considering security holistically across the product ecosystem—applications, infrastructure, and third-party integrations.
- Collaborate cross-functionally with Engineering, Infrastructure, and Compliance teams to embed security into development and operational processes.
Communication and Influence
- Broadly share knowledge across the team through documentation, runbooks, and post-incident reviews, preventing single points of failure.
- Partner with engineering teams to explain security risks and remediation approaches, translating technical findings into actionable guidance.
- Collaborate across teams to review security configurations, triage findings, and engage in technical discussions.
- Communicate insights and recommendations clearly to improve processes.
- Demonstrate empathy by understanding others' context, priorities, and constraints, adapting communication style to maximize effectiveness with both technical and non-technical audiences.