Web3 Localization Operations Job November 2025
Veda is at the forefront of powering financial applications in the decentralized finance (DeFi) space, enabling seamless creation of on-chain yield products. Our mission is to democratize DeFi by providing enterprise-grade integrations for modern finance. With over $6B in Total Value Locked (TVL) and 100k+ users, Veda is one of the fastest-growing DeFi protocols, driven by a team passionate about innovation and dedicated to our craft. This pivotal **Detection & Response Engineer** role offers the unique opportunity to directly shape critical security infrastructure within the rapidly evolving DeFi ecosystem.
November 5, 2025
December 5, 2025
Full-Time / Remote
📄 Job Description
Core Functions:
- Detection Engineering: Design, build, and continuously refine detection pipelines for cloud, container, and blockchain telemetry (AWS/GCP logs, K8s events, on-chain data streams). Maintain real-time monitoring using SIEM/XDR solutions and integrate blockchain-specific tools like Hypernative or Hexagate.
- Response Automation: Develop SOAR workflows and automated containment playbooks. Implement on-chain transaction guardrails and automated policy enforcement for suspicious smart-contract activity.
- Incident Management: Lead the incident lifecycle end-to-end, from triage and scoping to containment, eradication, recovery, and post-mortems. Conduct detailed blockchain forensics, smart contract incident analysis, and web2 investigations.
- Threat Hunting & Purple Teaming: Proactively identify emerging Tactics, Techniques, and Procedures (TTPs) by mining multi-source telemetry. Collaborate with other engineers to simulate attack scenarios, including DeFi-specific threats like MEV exploitation, oracle manipulation, re-entrancy, and governance takeovers.
- Security Architecture & Collaboration: Partner with DevOps, Backend, and Smart Contract teams to embed detection logic into development pipelines. Conduct security design reviews for new features, focusing on both application logic and blockchain protocol risks, and champion secure-by-default engineering practices.
📌 Requirements
- Experience: 5+ years of combined experience in Security Operations, Incident Response, or Site Reliability Engineering (SRE).
- Cloud & Container Security: Strong understanding of cloud-native (AWS/GCP/Azure) and containerized infrastructure (K8s, ECS, etc.), including workload security. Hands-on experience with container & K8s security tools (OPA Gatekeeper/Kyverno, Falco, runtime hardening, network segmentation, image scanning).
- Detection Stacks: Proven experience managing modern detection platforms such as Elastic, Splunk, Panther, Chronicle, or equivalents, alongside Infrastructure-as-Code (IaC)-driven deployments.
- Technical Proficiency: Proficient in at least one production-grade programming language (Python, Go, Rust) with a track record of building automated security tooling. Experience with SOAR platform integration to transform log data into automated containment actions.
- Web3/DeFi Knowledge: In-depth understanding of DeFi-specific attack vectors (flash-loan exploits, cross-chain bridge attacks, MEV, governance exploits, protocol vulnerabilities). Working knowledge of Solidity, smart-contract testing frameworks (Foundry, Hardhat), and secure development patterns.
- Security Methodology: Familiarity with MITRE ATT&CK (Enterprise + DeFi mappings), threat modeling, purple-team collaboration frameworks, zero-trust architectures, modern identity & access management, and secrets management best practices.
Nice-to-Have:
- Experience in digital asset custody security, wallet infrastructure, and multi-sig/threshold signature systems.
- Experience with anomaly detection or ML-based detection systems in a security context.
❓ Frequently Asked Questions
Q1: What is the application deadline for this position?
The closing date for applications is December 5, 2025. We encourage all interested candidates to apply promptly.
Q2: Is this a remote or in-office position?
This is a remote-first position, welcoming candidates from various time zones and geographies.
Q3: What level of experience is Veda looking for in this role?
We require candidates to have 5+ years of combined experience in Security Operations, Incident Response, or SRE, with a strong DevSecOps mindset.
Q4: What specific Web3/DeFi knowledge is considered crucial for this role?
Crucial knowledge includes understanding DeFi-specific attack vectors (e.g., flash-loan exploits, MEV), working knowledge of Solidity, smart-contract testing frameworks (Foundry, Hardhat), and secure development patterns.