Principal Security Engineer - Detection & Response

4 Months ago • All levels

About the job

SummaryBy Outscal

Security Engineer role focusing on detection and response, automating playbooks, with strong expertise in defensive security and blue teams. Experience with AI and sophisticated tooling is a must.
About Us 🚀

Immutable is a global technology company, powering the world of NFTs on Ethereum. We are on a mission to be the number one ecosystem for NFTs which empowers and rewards users.  Founded in 2018, Immutable is one of the fastest Australian companies to reach unicorn status, having raised more than AUD $300M+ and having a valuation of AUD $3.5 billion.

Currently, the Immutable Group consists of the Immutable Platform, the preferred developer platform for building & scaling web3 games on Ethereum, and Immutable Games, a global leader in web3 game development and publishing with leading titles Gods Unchained and Guild of Guardians.

It is our ambition to make digital worlds real; we have incredible global growth plans as we strive to become the number one ecosystem for NFTs. 

Come and join us as we pioneer in this space! 🚀

About The Role 🤔

Immutable’s mission is to power the next generation of web3 games. Bringing the next million users into web3 requires that our products are safe for everyone and anyone to use.

The Immutable security team ensures the organisation has the knowledge, tools, and drive required to build that trust.

Immutable needs to know its adversaries, their tools, tactics and procedures and deploy mitigating controls and detections to deter them. We need to understand the attack paths, the probabilities of these paths and the cost of controls and detections. We need to elevate the cost to the attacker while amortising our own cost.

Detection and response can be seen as a closed loop, with detections such as code-driven automated playbooks that deliver enriched information for a human or a machine/model to make a decision.

Immutable needs to improve this iterative flywheel between adversary behaviour, attack graphs, mitigating controls, detections and response playbooks. It needs to be fast and low cost (in terms of effort). Responding to adversary behaviour and simulations allows Immutable to implement more effective control and detections. This will lead to Immutable emulating adversary behaviour using code and having the ability to ensure the efficacy of our detection pipelines.

We hire the best and provide them with the best tooling. From the security platform to web2 and web3 intelligence - the successful candidate will be able to acquire and respond to high-fidelity signals. If this sounds like you, please apply!

You’ll Be Empowered To 🎮

    • Dive deep into detection engineering and detections (and playbooks) as code.
    • Facilitate deep work, understanding the problem empirically and knowing where to place our preventative controls and detections.
    • Control the end-to-end pipeline from detection to automated or semi-automated response through playbooks.
    • Leverage the fantastic platforms and tooling that Immutable has acquired to move fast and deliver impact.
    • Benefit from iterating on attack graphs (non-linear threat models) that allow you to focus on the most important detections to protect Immutable’s crown jewels.
    • Automate busy work and allocate time to ensure you can focus on the most important security problems at Immutable.
    • Come in and heavily automate detection and response playbooks using code and AI.
    • Unlock impact daily, creating a positive feedback loop and delivering results and impact quickly.
    • Work with significant agency and autonomy, with the responsibility to drive a roadmap that incorporates enterprise IT, detection and response and identity and access.

We'd Love You To Bring 🤝

    • Expert ability to prioritise actions based on security effectiveness and their cost (time/delay/money) to the organisation.
    • Capabilities in setting a technical strategy, understanding the strategy requires transition states and when those states need to be changed.
    • The ability to move quickly from technical strategy to actions (tactics) with the actions being aligned to cost and complexity (crawl, walk, run).
    • Expert understanding of defensive security and blue teams empirically. Not swayed by fads or FUD, but rather knowing the tools and platforms needed to be effective.
    • Ability to identify what good looks like because you’ve delivered or seen it before.
    • Willingness and interest to incorporate AI and sophisticated tooling into your security philosophy.
    • Comfort working in smaller teams and delivering 10x results - you won’t be able to use large teams to solve your problems but need to think in terms of small, focused teams that drive sophisticated tooling and AI.
    • World-class intuition - it needs to be close or on the mark every time.
    • The ability to design, implement and monitor security metrics that indicate their business's current or desired state.
    • High propensity to get things done (focus on execution and results)
    • Pragmatism - must be capable of staging out these best practices according to business needs.
    • Effective communication skills, with the ability to speak with empathy and influence the work of other teams.
    • Experience working in a scaling tech company.
    • An interest in Blockchain is not required but is a very strong indicator.
We are proud of the benefits that we offer for all of our employees globally.  Here is a snapshot: 

Attracting the best global talent:
💸We commit to paying globally competitive salaries and contributions & we share our products' success through Employee Stock Options. We also support our US Employees with Medical and 401K Insurance
💻 While we offer flexible working arrangements, we have an epic head office in the heart of Sydney and offer remote office hubs around the globe via a WeWork all-access pass
📲We offer USD $500 WFH allowance to set up your home office and USD $600 per annum to put toward your internet and phone usage.

Levelling up your growth
🌱 We offer up to USD $1,350 per annum for any classes, courses or events to support your growth and development
📚 Enjoy access to free online courses via Udemy

Helping you thrive
💆🏽‍♀️ Enjoy USD $800 per year to put toward your health and wellbeing
🤗 Get 24/7 access to unlimited counselling for you and your family when you need it through our EAP Service
🎁  Monthly subsidy and discounted rate with ClassPass, including a 1-year free membership to Breethe

Leave when you need it the most: 
👨‍👧‍👦New parents receive 12 weeks of paid leave in our gender-neutral offer. The birthing parent also gets an additional six weeks of leave for rest and recovery leading up to and after birth. We also offer Miscarriage Leave and extra leave for IVF treatments
🎂 Enjoy 2 additional paid annual leave days at the end of the year and a paid day off for your birthday

Additional Information: 

Immutable is committed to building and fostering an inclusive, diverse workplace. We believe in incorporating everyone's perspectives and experiences as this has been a significant driver of our success so far. 

We are a 2024 Circle Back Initiative Employer – we commit to responding to every applicant.

*A note to recruitment agencies: Our internal team has this role covered, so there is no need to reach out - We don't accept unsolicited agency resumes and are not responsible for any fees related to unsolicited resumes. Thank you!

Join us in shaping the future of web3 gaming!

#LI-Remote

About The Company

We are making digital worlds real.


Immutable is advancing the world of NFTs through Immutable, an industry-leading NFT minting and trading platform and Immutable Studios, an NFT game development studio.


Join the Game Changers and help shape the future of gaming. Be part of the team powering the new world of web3 games and digital ownership - for everyone. Embrace the extraordinary.

New South Wales, Australia (On-Site)

North Holland, Netherlands (Remote)

County Dublin, Ireland (Remote)

British Columbia, Canada (Remote)

New South Wales, Australia (Remote)

New South Wales, Australia (Remote)

View All Jobs

Similar Jobs

ElevenLabs - IT Security Engineer

Worldwide (Remote)

Sonar Source - Security Engineer

North Rhine-Westphalia, Germany (On-Site)

Sonar Source - Security Engineer

Texas, United States (On-Site)

Zynga - Principal Application Security Engineer

Remote, Us Toronto, Canada (Remote)

Playtech - Senior Application Security Engineer

Diefenbachgasse 35, Wien, Austria (On-Site)

Zuora - Senior Security Engineer

Karnataka, India (Hybrid)

Playtech - Network Security Engineer

Boulevard \"tsarigradsko Shose\" 115, Sofia, Bulgaria (On-Site)

Playtech - Junior Cloud Security Engineer

Sportyvna Square, Kyiv, Ukraine (On-Site)

Similar Skill Jobs

Jobs in Sydney, New South Wales, Australia

Easygo - Senior Product Manager (Sportsbook)

Victoria, Australia (On-Site)

VGW - Workplace Experience Coordinator

New South Wales, Australia (On-Site)

dentsu - Senior Programmatic Executive

Queensland, Australia (On-Site)

Salesforce - Account Executive, Tableau

Victoria, Australia (On-Site)

Nintendo - Marketing Specialist

Victoria, Australia (On-Site)

VGW - Senior Software Engineer

Western Australia, Australia (On-Site)

VGW - Privacy Analyst

Western Australia, Australia (On-Site)

Fluence - Business Development Manager

Victoria, Australia (Hybrid)

Sonar Source - Solutions Engineer - ANZ

New South Wales, Australia (Remote)

Sonar Source - Enterprise Account Executive - APJ

Victoria, Australia (On-Site)

Level Up Your Career in Game Development!

Transform Your Passion into Profession with Our Comprehensive Courses for Aspiring Game Developers.

Job Common Plug