The Detection & Response Engineer will manage detection engineering, response automation, incident management, and threat hunting in a hybrid Web2/Web3 environment, protecting the DeFi platform from various security threats.
About:
Veda is the DeFi engine powering financial apps enabling platforms to seamlessly create on-chain yield products. Our mission is to unlock DeFi for the world by providing seamless, enterprise-grade integrations for modern finance. Veda's technology powers many of DeFi's largest vault products, including ether fi Liquid, PlasmaUSD Vault, Lombard DeFi Vault, and Mantle cmETH.
At $6B in TVL and 100k+ users, Veda is one of the fastest growing DeFi protocols with a team passionate about DeFi and dedicated to our work. This role will be high impact and have the opportunity to directly shape some of the most critical infrastructure in DeFi.
Role:
You will own the Detection & Response (D&R) function across our hybrid Web2+Web3 environment. From designing high-fidelity detections to orchestrating rapid incident containment, both on-chain and off, you will be at the forefront of protecting a fast-moving DeFi platform.
Core Functions:
- Detection Engineering
- Design, build, and continuously tune detection pipelines for cloud, container, and blockchain telemetry (AWS/GCP logs, K8s events, on-chain data streams)
- Maintain real-time monitoring using SIEM/XDR solutions.
- Integrate blockchain-specific monitoring tools (e.g. Hypernative, Hexagate, etc.) with cloud-native telemetry.
- Response Automation
- Build SOAR workflows and automated containment playbooks
- Implement on-chain transaction guardrails and automated policy enforcement for suspicious smart-contract activity
- Incident Management
- Lead incident lifecycle end-to-end: triage, scope, containment, eradication, recovery, and post-mortems
- Conduct blockchain forensics, smart contract incident analysis, and web2 investigations
- Threat Hunting & Purple Teaming
- Proactively identify emerging TTPs by mining multi-source telemetry
- Partner with other engineers to simulate attack scenarios, including DeFi-specific threats (MEV exploitation, oracle manipulation, re-entrancy, governance takeovers).
- Security Architecture & Collaboration
- Partner with DevOps, Backend, and Smart Contract teams to integrate detection logic into pipelines
- Conduct security design reviews for new features, focusing on both application logic and blockchain protocol risks
- Influence secure-by-default engineering practices across Web2 and Web3 stacks
Qualifications:
- 5+ yrs combined experience in Security Operations, Incident Response, or SRE with a strong DevSecOps mindset.
- Strong understanding of cloud-native (AWS/GCP/Azure) and containerized infrastructure (K8s, ECS, etc.) including workload security.
- Proven experience managing modern detection stacks (Elastic, Splunk, Panther, Chronicle, or equivalents) and iac-driven deployments.
- Hands-on with container & K8s security: admission controller policies, runtime hardening, image scanning, network policies.
- Hands-on Kubernetes and container security (OPA Gatekeeper/Kyverno, Falco, runtime hardening, network segmentation, image scanning, etc.).
- Technical Skills
- Proficient in at least one production-grade programming language (Python, Go, Rust) with a track record of automated security tooling.
- SOAR platform integration experience with demonstrated ability to transform log data into automated containment actions.
- Familiarity with blockchain-specific security monitoring tools and workflows.
- Web3/DeFi Knowledge
- Understanding of DeFi-specific attack vectors such as flash-loan exploits, cross-chain bridge attacks, MEV, governance exploits, and protocol-level vulnerabilities.
- Working knowledge of Solidity, smart-contract testing frameworks (e.g., Foundry, Hardhat), and secure development patterns.
- Security Methodology
- Familiarity with MITRE ATT&CK (Enterprise + DeFi mappings), threat modeling methodologies, and purple-team collaboration frameworks.
- Experience implementing zero-trust architectures, modern identity & access management, and secrets management best practices.
Nice-to-Have:
- Experience in digital asset custody security, wallet infrastructure, and multi-sig/threshold signature systems.
- Experience with anomaly detection/ML-based detection systems in a security context.
Benefits at Veda
We’re a small, tight-knit team building the infrastructure that powers a new generation of financial products on-chain, composable, and accessible to anyone. We believe the full potential of DeFi is still ahead of us, and we’re here to help unlock it.
We also believe that great work comes from people who feel trusted, supported, and aligned with the mission. Here’s how we try to make that happen:
Health Coverage
We offer medical, dental, and vision coverage for employees. For international contractors, we work closely to ensure access to appropriate local or global health coverage.
Flexible Time Off
We don’t track vacation days. Take the time you need to rest and recharge—we trust you to manage your schedule.
Remote-First by Design
Our team spans time zones and geographies. We work async, with a focus on autonomy over micromanagement.
Parental Leave
Paid leave is available for new parents, whether you’re the primary or secondary caregiver.
Learning & Development
We offer stipends to support ongoing learning - whether it’s a course, a conference, or something else that helps you grow.
Top Skills
AWS
Azure
Elastic
GCP
Go
Kubernetes
Python
Rust
Solidity
Splunk
Similar Jobs
Legal Tech
As a Cybersecurity Engineer, lead incident response activities, conduct digital forensics, monitor security alerts, and improve detection capabilities while collaborating with various teams.
Top Skills:
ArcsightAWSAzureCarbon BlackCrowdstrikeDefenderDnsEdrElkEncaseFirewallsForensic ToolsHttp/SLinuxM365Microsoft SentinelProxy TechnologiesQradarSIEMSplunkTcp/IpVelociraptorVpnsWindows
Artificial Intelligence • Fintech • Machine Learning • Natural Language Processing • Business Intelligence
Responsible for enhancing detection engineering, response automation, and threat hunting capabilities. Collaborate on detection rules, automated incident responses, and lead threat hunting initiatives.
Top Skills:
AWSEdrGCPJupyter NotebooksOsqueryPythonSIEMSigmaSoarVelociraptorYara-L
Artificial Intelligence • Cloud • Information Technology • Sales • Security • Software • Cybersecurity
The Accounting Manager oversees the accounting operations of Corporate and North America subsidiaries, ensuring compliance with US GAAP and leading month-end close processes, as well as enhancing operational efficiencies.
Top Skills:
AdpConcurCoupaNetSuite
What you need to know about the Seattle Tech Scene
Home to tech titans like Microsoft and Amazon, Seattle punches far above its weight in innovation. But its surrounding mountains, sprinkled with world-famous hiking trails and climbing routes, make the city a destination for outdoorsy types as well. Established as a logging town before shifting to shipbuilding and logistics, the Emerald City is now known for its contributions to aerospace, software, biotech and cloud computing. And its status as a thriving tech ecosystem is attracting out-of-town companies looking to establish new tech and engineering hubs.
Key Facts About Seattle Tech
- Number of Tech Workers: 287,000; 13% of overall workforce (2024 CompTIA survey)
- Major Tech Employers: Amazon, Microsoft, Meta, Google
- Key Industries: Artificial intelligence, cloud computing, software, biotechnology, game development
- Funding Landscape: $3.1 billion in venture capital funding in 2024 (Pitchbook)
- Notable Investors: Madrona, Fuse, Tola, Maveron
- Research Centers and Universities: University of Washington, Seattle University, Seattle Pacific University, Allen Institute for Brain Science, Bill & Melinda Gates Foundation, Seattle Children’s Research Institute
