Summary

We are seeking an experienced Security Engineer to join our Security team. This is a fast-paced environment where you will play a pivotal role in enhancing and safeguarding GSR’s security infrastructure. You’ll be part of a small, agile team with broad responsibilities, balancing security operations with security tooling ownership and continuous improvement.

This role is ideal for someone passionate about cybersecurity, automation, and operational excellence. You will own and optimise security tooling, proactively improve detection and response, and collaborate across teams to embed security best practices into our technology and processes.

Experience in crypto or finance is not required; we prioritise technical skills, problem-solving abilities, and a proactive mindset. We have offices in London, New York, Singapore, Zug, and Málaga. Some travel may be required.

What You’ll Do

1. Monitor, detect, and respond to security incidents using SIEM, EDR, network security, email security, and threat intelligence platforms.
2. Optimise security tooling, ensuring effective configurations, alert fidelity, and minimal false positives.
3. Perform attack surface monitoring, identifying and mitigating external risks before they can be exploited.
4. Conduct threat hunting, log analysis, and forensic investigations to uncover potential threats.
5. Support vulnerability management, track risks, and coordinate remediation efforts.
6. Strengthen endpoint, network, and cloud security controls, ensuring robust protection across the organisation.
7. Contribute to security policies, awareness initiatives, and compliance efforts (MAS, ISO27001, SOC2).
8. Support security monitoring and investigations related to blockchain and digital assets.

What You’ll Bring

1. Experience in security operations, incident response, and threat detection.
2. Strong knowledge and experience in SIEMs, EDRs, network security, threat intelligence platforms and other security tools, (WebProxies, WAFs, Firewalls, Email Security platforms, etc.)
3. Strong understanding of AWS, Docker, and Kubernetes, including security best practices for cloud and containerised environments.
4. Strong understanding of various types of attacks and mitigation methods.
5. Experience in dynamic and static malware analysis, sufficient to understand and interpret the results of automated analysis.
6. Strong understanding of social engineering attacks. Email analysis.
7. Proficiency in scripting to automate security processes.
8. Hands-on experience optimising security tools to improve detection accuracy.
9. Detection content development, tuning and improvement.
10. Strong analytical, problem-solving, and communication skills.
11. A proactive mindset, taking ownership of security challenges and continuously improving processes.

What we offer:

1. A collaborative and transparent company culture founded on Integrity, Innovation, and Performance.
2. Competitive salary with two discretionary bonus payments a year.
3. Benefits such as healthcare, dental, vision, retirement planning, 30 days holiday, and free lunches when in the office.
4. Regular town halls, team lunches, and social events.
5. A corporate and social responsibility program, including charity fundraising matching and volunteer days.
6. Access to training and support for professional certifications, with formal learning resources such as Udemy and INE to enhance continuous professional development.

Skills

• Analytical Thinking
• AWS
• Communications Skills
• Development
• Problem Solving
• Software Engineering
• Team Collaboration