Security Engineer (Vulnerability Management)

Nansen logo Nansen

Job Description

About the job

Nansen is a blockchain analytics platform that enriches on-chain data with millions of wallets labels. Crypto investors use Nansen to discover opportunities, perform due diligence and defend their portfolios with our real-time dashboards and alerts.

About The Role

We're hiring a Security Engineer (Vulnerability Management) to join our cybersecurity team. Your main responsibility will be to assess our applications, systems, and networks to identify any deviations from acceptable configurations, or policies. Additionally, you will detect attacks against our applications, networks, and hosts by contributing to the implementation of detective IT systems.

Your goal will be to measure the effectiveness of security measures against both known and unknown vulnerabilities.

Cybersecurity is key in all of our products and internal processes, as such, you will work closely with various stakeholders to ensure the security and integrity of our systems and networks. Your contributions will have a massive impact on the organisation.

You can be located anywhere in Europe, as our work is 100% online. The position is full-time.


  • Analyse organisations cyber defense policies and configurations and evaluate compliance with regulations and organisational directives.
  • Conduct and/or support authorised penetration testing on enterprise network assets.
  • Perform technical (evaluation of technology) and nontechnical (evaluation of people and operations) risk and vulnerability assessments of relevant technology focus areas (e.g., local computing environment, network and infrastructure, supporting infrastructure, and applications).
  • Make recommendations regarding the selection of cost-effective security controls to mitigate risk (e.g., protection of information, systems and processes).
  • Prepare audit reports that identify technical and procedural findings, and provide recommended remediation strategies/solutions.
  • Develop new or identify existing awareness and training materials that are appropriate for intended audiences.
  • Develop threat model based on customer interviews and requirements.
  • Work with stakeholders to resolve computer security incidents and vulnerability compliance.

Are you the right person for this role?

The ideal candidate for us has experience in the majority of the following areas (we are not expecting everything!)

  • Knowledge of risk management processes (e.g., methods for assessing and mitigating risk).
  • Knowledge of laws, regulations, policies, and ethics as they relate to cybersecurity and privacy. For example: GDPR.
  • Knowledge of cyber threats and vulnerabilities.
  • Knowledge of cybersecurity and privacy principles and organisational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).
  • Knowledge of programming language structures and logic.
  • Knowledge of system administration, network, application, and operating system hardening techniques.
  • Experience in conducting vulnerability scans and recognising vulnerabilities in systems.
  • Experience in assessing the robustness of security systems and designs.
  • Experience in the use of penetration testing tools and techniques.
  • Experience to apply cybersecurity and privacy principles to organisational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).
  • Experience in testing and evaluating tools for implementation.
  • Experience in prioritising work and making risk-based decisions, including remediation recommendations.
  • Skill in effectively communicating with technical and non-technical stakeholders, both orally and in writing.
  • Skill in working with independence and influencing stakeholders without formal authority.
  • Ability to apply techniques or tooling for detecting application, host and network-based intrusions using intrusion detection technologies.

The following are nice-to-haves:

  • Ability to detect attacks against applications, networks and hosts and react accordingly.
  • Ability to employ information technology (IT) systems and digital storage media to solve, investigate, and/or prosecute cybercrimes and fraud committed against people and property.
  • Experience with Ethereum and the crypto markets (either professionally or as a hobby
Register to Apply

Please let Nansen know that you found this job role on

Similar Jobs

Spend IT logo

Full Stack Developer at Spend IT

$80,000 - $100,000
node typescript api solidity
51 days ago
Glassnode logo

Senior Backend Engineer (Golang) - Greenfield Project (m/f/d). Remote at Glassnode

Backend Engineer Golang SQL Kubernetes Helm
133 days ago
ConsenSys logo

QA Engineer (Confirmations System) at ConsenSys

$139,000 - $175,000
QA Engineer Confirmations Selenium UXUI
135 days ago
Gemini logo

Senior Software Engineer, Fraud at Gemini

$152,000 - $213,000
Scala C++ Typescript Software Engineer
135 days ago
ConsenSys logo

Solidity Engineer at ConsenSys

$187,000 - $235,000
Solidity EVM English< Engineer
136 days ago
Coinbase logo

Staff Smart Contract Engineer - Developer at Coinbase

$201,450 - $237,000
Smart Contracts Engineer Solidity Ethereum
137 days ago
River Financial logo

Staff Accountant at River Financial

$105,000 - $140,000
CPA Accountant
138 days ago
Unit 410 logo

Cryptocurrency Infrastructure Engineer - Remote USA at Unit 410

Engineer Remote Golang Typescript Rust Terraform GCP AWS
139 days ago
CoinMarketCap logo

Senior Web Developer at CoinMarketCap

TypeScript React Webpack Next Web Developer
139 days ago
Sohoby logo

Blockchain (Intern) at Sohoby

Java Python C++ Internship Pakistan
140 days ago