Chainlink Labs

Security Response Engineer, Incident Response

Chainlink Labs

full-time

Posted on:

Location Type: Remote

Location: Australia

Visit company website

Explore more

AI Apply
Apply

Tech Stack

CloudGoMacOSPythonRustWeb3

About the role

  • Own and improve the incident response lifecycle: act as incident commander for high-severity incidents
  • Join the team's on-call rotation: triage inbound alerts/escalations, coordinate internal and company-wide incidents
  • Improve response readiness: create and automate playbooks, conduct tabletop exercises
  • Address security telemetry gaps: improve existing or build/deploy new tools
  • Increase detection quality: write and tune high-signal detections (in Sigma)
  • Proactively identify and implement areas of improvement and modernization

Requirements

  • Proven incident response leadership: experience as the primary incident commander for high‑severity security incidents involving multiple teams and external stakeholders, and can independently manage incident timelines, decisions, and communications
  • Operational rigor and investigation depth: demonstrated experience with triage, scoping, containment, and remediation across endpoint, cloud, and/or network based incidents; drives root‑cause analysis and post‑incident action items to completion.
  • Experience in macOS-heavy environments: has secured and operated a predominantly macOS endpoint fleet: deploying / managing endpoint controls, telemetry collection, and performing investigations on macOS systems.
  • Collaborative, straightforward communicator: writes clear incident updates and summaries; can explain risk, impact, and trade‑offs to both technical and non‑technical stakeholders; builds trust with partner teams during high‑pressure situations; comfortable handling the regular communication cadence of an incident
  • Detections experience: ability to create and refine detections based on investigations and threat intelligence
  • Previous coding experience (Python, Go, Rust, or similar): scripting for data parsing/enrichment and simple automations
Benefits
  • All roles with Chainlink Labs are global and remote-based.
  • If you need assistance or accommodation due to a disability or special need when applying for a role or in our recruitment process, please contact us via this form.
Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools
incident responsetriageroot-cause analysispost-incident action itemsmacOS securityendpoint controlstelemetry collectionPythonGoRust
Soft Skills
incident commandercollaborative communicationclear writingtrust buildinghigh-pressure situation management