The Detection & Response Engineer will manage detection engineering, response automation, incident management, and threat hunting in a hybrid Web2/Web3 environment, protecting the DeFi platform from various security threats.
About:
Veda is the DeFi engine powering financial apps enabling platforms to seamlessly create on-chain yield products. Our mission is to unlock DeFi for the world by providing seamless, enterprise-grade integrations for modern finance. Veda's technology powers many of DeFi's largest vault products, including ether fi Liquid, PlasmaUSD Vault, Lombard DeFi Vault, and Mantle cmETH.
At $6B in TVL and 100k+ users, Veda is one of the fastest growing DeFi protocols with a team passionate about DeFi and dedicated to our work. This role will be high impact and have the opportunity to directly shape some of the most critical infrastructure in DeFi.
Role:
You will own the Detection & Response (D&R) function across our hybrid Web2+Web3 environment. From designing high-fidelity detections to orchestrating rapid incident containment, both on-chain and off, you will be at the forefront of protecting a fast-moving DeFi platform.
Core Functions:
- Detection Engineering
- Design, build, and continuously tune detection pipelines for cloud, container, and blockchain telemetry (AWS/GCP logs, K8s events, on-chain data streams)
- Maintain real-time monitoring using SIEM/XDR solutions.
- Integrate blockchain-specific monitoring tools (e.g. Hypernative, Hexagate, etc.) with cloud-native telemetry.
- Response Automation
- Build SOAR workflows and automated containment playbooks
- Implement on-chain transaction guardrails and automated policy enforcement for suspicious smart-contract activity
- Incident Management
- Lead incident lifecycle end-to-end: triage, scope, containment, eradication, recovery, and post-mortems
- Conduct blockchain forensics, smart contract incident analysis, and web2 investigations
- Threat Hunting & Purple Teaming
- Proactively identify emerging TTPs by mining multi-source telemetry
- Partner with other engineers to simulate attack scenarios, including DeFi-specific threats (MEV exploitation, oracle manipulation, re-entrancy, governance takeovers).
- Security Architecture & Collaboration
- Partner with DevOps, Backend, and Smart Contract teams to integrate detection logic into pipelines
- Conduct security design reviews for new features, focusing on both application logic and blockchain protocol risks
- Influence secure-by-default engineering practices across Web2 and Web3 stacks
Qualifications:
- 5+ yrs combined experience in Security Operations, Incident Response, or SRE with a strong DevSecOps mindset.
- Strong understanding of cloud-native (AWS/GCP/Azure) and containerized infrastructure (K8s, ECS, etc.) including workload security.
- Proven experience managing modern detection stacks (Elastic, Splunk, Panther, Chronicle, or equivalents) and iac-driven deployments.
- Hands-on with container & K8s security: admission controller policies, runtime hardening, image scanning, network policies.
- Hands-on Kubernetes and container security (OPA Gatekeeper/Kyverno, Falco, runtime hardening, network segmentation, image scanning, etc.).
- Technical Skills
- Proficient in at least one production-grade programming language (Python, Go, Rust) with a track record of automated security tooling.
- SOAR platform integration experience with demonstrated ability to transform log data into automated containment actions.
- Familiarity with blockchain-specific security monitoring tools and workflows.
- Web3/DeFi Knowledge
- Understanding of DeFi-specific attack vectors such as flash-loan exploits, cross-chain bridge attacks, MEV, governance exploits, and protocol-level vulnerabilities.
- Working knowledge of Solidity, smart-contract testing frameworks (e.g., Foundry, Hardhat), and secure development patterns.
- Security Methodology
- Familiarity with MITRE ATT&CK (Enterprise + DeFi mappings), threat modeling methodologies, and purple-team collaboration frameworks.
- Experience implementing zero-trust architectures, modern identity & access management, and secrets management best practices.
Nice-to-Have:
- Experience in digital asset custody security, wallet infrastructure, and multi-sig/threshold signature systems.
- Experience with anomaly detection/ML-based detection systems in a security context.
Benefits at Veda
We’re a small, tight-knit team building the infrastructure that powers a new generation of financial products on-chain, composable, and accessible to anyone. We believe the full potential of DeFi is still ahead of us, and we’re here to help unlock it.
We also believe that great work comes from people who feel trusted, supported, and aligned with the mission. Here’s how we try to make that happen:
Health Coverage
We offer medical, dental, and vision coverage for employees. For international contractors, we work closely to ensure access to appropriate local or global health coverage.
Flexible Time Off
We don’t track vacation days. Take the time you need to rest and recharge—we trust you to manage your schedule.
Remote-First by Design
Our team spans time zones and geographies. We work async, with a focus on autonomy over micromanagement.
Parental Leave
Paid leave is available for new parents, whether you’re the primary or secondary caregiver.
Learning & Development
We offer stipends to support ongoing learning - whether it’s a course, a conference, or something else that helps you grow.
Top Skills
AWS
Azure
Elastic
GCP
Go
Kubernetes
Python
Rust
Solidity
Splunk
Similar Jobs
Information Technology
The role involves developing detection mechanisms, conducting advanced security investigations, managing MSSP operations, automating security processes, and maintaining documentation. Key responsibilities include creating detection logic and performing threat hunting activities.
Top Skills:
BashEndpoint Detection And Response (Edr)Intrusion Detection Systems (Ids)Mitre Att&Ck FrameworkPowershellPythonSecurity Information And Event Management (Siem)
Cloud • Information Technology • Security • Software • Cybersecurity
Seeking a Senior Majors Account Executive to lead strategic customer engagements, manage complex sales cycles, and drive enterprise-level revenue growth. Ideal candidates will possess deep knowledge of enterprise architecture and cloud solutions, engaging with C-suite executives and leading virtual teams.
Top Skills:
Google SuiteMeddpiccMsft SuiteSalesforceTableau
Fintech • HR Tech • Payments • Social Impact • Financial Services
The Client Platform Engineer II will design, implement, and manage client endpoint platforms, develop automation strategies, enhance security, and mentor junior engineers.
Top Skills:
Ci/CdCrowdstrikeDhcpDnsFortinetGitGoogle WorkspaceIntuneJAMFJAMFJIRAMerakiNetskopeOktaPalo AltoPythonShellTcp/IpTerraformVpnZero TrustZscaler
What you need to know about the Charlotte Tech Scene
Ranked among the hottest tech cities in 2024 by CompTIA, Charlotte is quickly cementing its place as a major U.S. tech hub. Home to more than 90,000 tech workers, the city’s ecosystem is primed for continued growth, fueled by billions in annual funding from heavyweights like Microsoft and RevTech Labs, which has created thousands of fintech jobs and made the city a go-to for tech pros looking for their next big opportunity.
Key Facts About Charlotte Tech
- Number of Tech Workers: 90,859; 6.5% of overall workforce (2024 CompTIA survey)
- Major Tech Employers: Lowe’s, Bank of America, TIAA, Microsoft, Honeywell
- Key Industries: Fintech, artificial intelligence, cybersecurity, cloud computing, e-commerce
- Funding Landscape: $3.1 billion in venture capital funding in 2024 (CED)
- Notable Investors: Microsoft, Google, Falfurrias Management Partners, RevTech Labs Foundation
- Research Centers and Universities: University of North Carolina at Charlotte, Northeastern University, North Carolina Research Campus
