Security Operations Engineer - Remote Position at Anchorage Digital

About the Role

We are seeking a Security Operations Engineer to join our team at Anchorage Digital. This remote position offers you the opportunity to work with a pioneering crypto platform that provides integrated financial services and infrastructure solutions. As a member of our Security Operations team, you will play a crucial role in enhancing the security posture of our platform while collaborating with a diverse and talented team.

What You'll Do

• Build and maintain security automation and tooling to detect vulnerabilities through static and dynamic analysis across code and live systems.
• Conduct application security assessments, penetration tests, and code reviews to identify high-risk security issues and provide secure development guidance.
• Develop and operate vulnerability management workflows, partnering with engineering teams to prioritize and remediate findings.
• Establish and test security guardrails for code, cloud resources, and infrastructure components throughout the Anchorage platform.
• Monitor and respond to security events and configuration anomalies across the organization, leading investigation and containment efforts.
• Manage the full vulnerability lifecycle from discovery through remediation, tracking progress and ensuring timely closure of findings.
• Lead or substantially contribute to Security Operations initiatives with minimal oversight, coordinating across team boundaries to drive projects to completion.
• Present options clearly and provide well-reasoned priority recommendations.

Requirements

• 3+ years of hands-on experience in security engineering, application security, penetration testing, or security operations.
• Experience with security tooling and automation, particularly using Python, Go, or similar languages.
• Ability to identify and assess security vulnerabilities in applications, APIs, and cloud infrastructure.
• Familiarity with tools like Semgrep, CodeQL, Burp Suite, or equivalent for identifying security issues.
• Understanding of AWS security fundamentals including IAM, VPCs, security groups, and CloudTrail/logging.
• Experience in investigating security events, performing root cause analysis, and coordinating response efforts.
• Strong problem-solving skills and the ability to break complex security problems into manageable workstreams.
• Excellent communication skills to explain security risks and remediation approaches to both technical and non-technical audiences.

Nice to Have

• Experience running or participating in bug bounty programs (HackerOne, Bugcrowd, etc.).
• Experience in a regulated financial services, fintech, or crypto environment.
• Exposure to blockchain security, smart contract auditing, or Web3 technologies.
• Relevant certifications (OSCP, GWAPT, GCIH, AWS Security Specialty, etc.).

What We Offer

• Competitive salary and benefits package.
• Remote work flexibility with opportunities for in-person collaboration.
• Support for professional development and continuous learning.
• A collaborative and inclusive company culture.
• Quarterly in-person collaboration days to strengthen team bonds.