This is a Principal Security Engineer role with one of the leading companies in AU right now Immutable with an amazing team. They are continuing to grow rapidly. This is the chance to join right as the takes off. More About the Role at Immutable About Us Immutable is a global technology company, powering the world of NFTs on Ethereum. We are on a mission to be the number one ecosystem for NFTs which empowers and rewards users. Founded in 2018, Immutable is one of the fastest Australian companies to reach unicorn status, having raised more than AUD $300M and having a valuation of AUD $3.5 billion. Currently, the Immutable Group consists of the Immutable Platform, the preferred developer platform for building & scaling web3 games on Ethereum, and Immutable Games, a global leader in web3 game development and publishing with leading titles Gods Unchained and Guild of Guardians. It is our ambition to make digital worlds real; we have incredible global growth plans as we strive to become the number one ecosystem for NFTs. Come and join us as we pioneer in this space About The Role Immutable’s mission is to power the next generation of web3 games. Bringing the next million users into web3 requires that our products are safe for everyone and anyone to use. The Immutable security team ensures the organisation has the knowledge, tools, and drive required to build that trust. Immutable needs to know its adversaries, their tools, tactics and procedures and deploy mitigating controls and detections to deter them. We need to understand the attack paths, the probabilities of these paths and the cost of controls and detections. We need to elevate the cost to the attacker while amortising our own cost. Detection and response can be seen as a closed loop, with detections such as code-driven automated playbooks that deliver enriched information for a human or a machine/model to make a decision. Immutable needs to improve this iterative flywheel between adversary behaviour, attack graphs, mitigating controls, detections and response playbooks. It needs to be fast and low cost (in terms of effort). Responding to adversary behaviour and simulations allows Immutable to implement more effective control and detections. This will lead to Immutable emulating adversary behaviour using code and having the ability to ensure the efficacy of our detection pipelines. We hire the best and provide them with the best tooling. From the security platform to web2 and web3 intelligence - the successful candidate will be able to acquire and respond to high-fidelity signals. If this sounds like you, please apply You’ll Be Empowered To - Dive deep into detection engineering and detections (and playbooks) as code. - Facilitate deep work, understanding the problem empirically and knowing where to place our preventative controls and detections. - Control the end-to-end pipeline from detection to automated or semi-automated response through playbooks. - Leverage the fantastic platforms and tooling that Immutable has acquired to move fast and deliver impact. - Benefit from iterating on attack graphs (non-linear threat models) that allow you to focus on the most important detections to protect Immutable’s crown jewels. - Automate busy work and allocate time to ensure you can focus on the most important security problems at Immutable. - Come in and heavily automate detection and response playbooks using code and AI. - Unlock impact daily, creating a positive feedback loop and delivering results and impact quickly. - Work with significant agency and autonomy, with the responsibility to drive a roadmap that incorporates enterprise IT, detection and response and identity and access. We'd Love You To Bring - Expert ability to prioritise actions based on security effectiveness and their cost (time/delay/money) to the organisation. - Capabilities in setting a technical strategy, understanding the strategy requires transition states and when those states need to be changed. - The ability to move quickly from technical strategy to actions (tactics) with the actions being aligned to cost and complexity (crawl, walk, run). - Expert understanding of defensive security and blue teams empirically. Not swayed by fads or FUD, but rather knowing the tools and platforms needed to be effective. - Ability to identify what good looks like because you’ve delivered or seen it before. - Willingness and interest to incorporate AI and sophisticated tooling into your security philosophy. - Comfort working in smaller teams and delivering 10x results - you won’t be able to use large teams to solve your problems but need to think in terms of small, focused teams that drive sophisticated tooling and AI. - World-class intuition - it needs to be close or on the mark every time. - The ability to design, implement and monitor security metrics that indicate their business's current or desired state. - High propensity to get things done (focus on execution and results) - Pragmatism - must be capable of staging out these best practices according to business needs. - Effective communication skills, with the ability to speak with empathy and influence the work of other teams. - Experience working in a scaling tech company. - An interest in Blockchain is not required but is a very strong indicator. If you don’t think you're a perfect fit, you should still sign up to Hatch and create a profile, we'll match you to other roles that suit your profile. Hatch exists to level the playing field for people as they discover a career that’s right for them. We model this in our hiring process for our partners like Immutable. ✅ Applying here is the first step in the hiring process for this role at Immutable. We do not discriminate on the basis of gender identity, sexual orientation, cultural identity, disability, age, or any other non-merit factors. To put it simply, Hatch is for everyone.