×
Register Here to Apply for Jobs or Post Jobs. X

SecOps Engineer

Job in Addison, Dallas County, Texas, 75001, USA
Listing for: Ledger
Full Time position
Listed on 2026-07-06
Job specializations:
  • IT/Tech
    Cybersecurity, Security Management & Operations, Cloud Computing: Infrastructure & Operations
Job Description & How to Apply Below
Position: Staff SecOps Engineer

Staff Security Operations Engineer

We're a team of experts pushing the limits of what's possible, united by our common goal to unlock true freedom through digital ownership, making technology accessible for all. We believe in a world where users, creators and enterprises manage their value with ownership and freedom. Our curiosity drives us to innovate, empowering individuals on a global scale. We believe change is constant and our team moves forward as one, with a culture of problem-solving where every employee is empowered and supported to challenge tradition and create solutions.

Our mission is simple: to make self-custody accessible and give people the keys to their own financial futures. If you want to make a true impact, we want you to join us at Ledger.

At Ledger, we're proud to be the global platform for digital assets and Web3, with over 20% of the world's crypto assets secured through our Ledger devices. With our headquarters in Paris, and offices in Vierzon, Grenoble, Montpellier, London, Portland, Geneva, Zurich and Central Singapore, we have a team of around 600 professionals developing a variety of products and services to enable individuals and companies to securely buy, store, swap, grow and manage crypto assets – including the Ledger hardware wallets line with more than 7.5 millions units already sold in 200 countries.

You'll join the Security Operations team, responsible for protecting Ledger's corporate, cloud, SaaS, and data center environments. Its mission: to anticipate, detect, investigate, and respond to cyber threats—including monitoring, alert triage, incident response, detection, visibility, automation, exposure tracking, and continuous process improvement. The scope is distinct from that of the Donjon (product security):
Sec Ops covers the operational security of internal environments, the cloud, endpoints, workloads, identities, and infrastructure.

As a close-knit and experienced team—technically demanding and committed to knowledge sharing—we're also continuously building the SOC itself: integrating new log sources, ensuring data quality, expanding detection coverage, and developing reliable dashboards and operational workflows.

Our technical stack includes:

  • Splunk for SIEM, investigations, and dashboards;
  • Crowd Strike for EDR and endpoint/workload security;
  • Wiz for cloud security and exposure management;
  • Torq for SOAR and automation;
  • AWS, including modern environments such as EKS/Kubernetes;
  • An in-house developed Agentic SOC for alert enrichment, correlation, investigation support, reporting, and automation.

AI is at the heart of how we work: investing in AI applied to security is a strategic priority for Ledger this year. We've built our own in-house Agentic SOC, which autonomously investigates weak signals—the large volume of unreliable alerts that a human team couldn't sort through manually—and enriches them, so our engineers can focus on what matters most and resolve incidents faster: high-quality detection, noise reduction, and accelerated investigations.

What you'll be doing:

As a Staff Security Operations Engineer, you are the Sec Ops team's top technical expert and our go-to authority on incident management. You lead the response to the most critical and complex incidents (CSIRT), spearhead proactive threat hunting, and define the detection and response strategy that the entire team relies on. Beyond day-to-day operations, you shape the architecture of our detection pipeline, SIEM, and automation—including the management of our internal Agentic SOC—and you establish the standards, playbooks, and methodologies that raise the technical bar for the entire team.

Above all, you're a builder: beyond design, you'll build and actively evolve our systems—the Agentic SOC, the log pipeline, and automation—with a solid understanding of the underlying infrastructure. This is an expert role (individual contributor): your impact stems from your expertise, your judgment under pressure, and your influence.

Critical Incident Response (CSIRT):

  • Serve as the primary point of contact and coordinator for the most complex incidents across the cloud, corporate systems, endpoints,…
To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)
0
200
Filters
Education Level
Experience Level (years)
Posted in last:
Salary