Rodeo
ResourcesPartnersSign in

Chainlink Labs

Security Response Engineer, Incident Response

United Kingdom
Posted about 1 month ago
Sign up to applySee more jobs like this

How your CV stacks up

1Upload CV
2Analyse CV
3Improve CV

Upload your CV to see how well it fits this job role

?%

Security Response Engineer, Incident Response

About Chainlink

Chainlink is the industry-standard oracle platform bringing the capital markets onchain and powering the majority of decentralized finance (DeFi). The Chainlink stack provides the essential data, interoperability, compliance, and privacy standards needed to power advanced blockchain use cases for institutional tokenized assets, lending, payments, stablecoins, and more. Since inventing decentralized oracle networks, Chainlink has enabled tens of trillions in transaction value and now secures the vast majority of DeFi.

Many of the world’s largest financial services institutions have also adopted Chainlink’s standards and infrastructure, including Swift, Euroclear, Mastercard, Fidelity International, UBS, S&P Dow Jones Indices, FTSE Russell, WisdomTree, ANZ, and top protocols such as Aave, Lido, GMX and many others. Chainlink leverages a novel fee model where offchain and onchain revenue from enterprise adoption is converted to LINK tokens and stored in a strategic Chainlink Reserve. Learn more at chain.link.

About The Role

As a Security Response Engineer, you’ll own the full security incident response lifecycle. You’ll serve as incident commander – owning the high-level coordination of incidents from scoping through to recovery and post-mortem improvements. We’re looking for a seasoned individual contributor who is comfortable operating across diverse environments. In addition to response efforts, you’ll be heavily involved with the team’s operational responsibilities (creating and refining detections, playbooks, and processes) and project work (automating response actions, improving visibility through creation and deployment of new tooling). You would help continuously improve our response capabilities and efficiency by collaborating with internal and external stakeholders across the company.

Reasons to use Rodeo

I’m in my final year doing Economics and I don’t know whether to apply for grad schemes now or do a masters first. What do you think?

Honest answer — it depends on where you want to end up. A lot of top grad schemes (Big 4, civil service, banking) don’t need a masters. Let’s look at the ones you’d be competitive for now, and we can decide if a masters actually adds anything.

Also worth knowing: most autumn 2026 applications are open now. Timing matters more than you think.

Start with a chat, not a search bar

Grad scheme, placement, apprenticeship? Not sure what you want yet — that's fine. Your agent talks it through with you and turns "I have no idea" into a shortlist.

P

Graduate Consultant — 2026 Scheme

PwC·London, UK
£35,000/yr

Why you're a good match

Strong

Your economics background and your summer at a regional bank line up with what PwC looks for on the consulting scheme. Applications close in four weeks.

See breakdown
Save jobNot relevant
View details

It searches the market for you

Every day your agent scans the market matching roles against what actually matters to you, not just keywords on a CV.

Why you're a good match

You’ve got the grades and the economics background, and your bank internship is exactly the experience this scheme looks for. Apply soon — deadlines close within the month.

See breakdown
Strong

Experience fit

Your summer at the bank plus your econometrics coursework map directly to the day-one responsibilities on this scheme — client modelling, market briefings, and deal support.

See breakdown
Strong

Only hits

No noise. No "maybe this fits." Just roles with a clear explanation of why they're right — and where to focus when applying.

Your Impact

Own and improve the incident response lifecycle: act as incident commander for high-severity incidents Join the team's on-call rotation: triage inbound alerts/escalations, coordinate internal and company-wide incidents Improve response readiness: create and automate playbooks, conduct tabletop exercises Address security telemetry gaps: improve existing or build/deploy new tools Increase detection quality: write and tune high-signal detections (in Sigma) Proactively identify and implement areas of improvement and modernization

Requirements

Proven incident response leadership: experience as the primary incident commander for high‑severity security incidents involving multiple teams and external stakeholders, and can independently manage incident timelines, decisions, and communications Operational rigor and investigation depth: demonstrated experience with triage, scoping, containment, and remediation across endpoint, cloud, and/or network based incidents; drives root‑cause analysis and post‑incident action items to completion. Experience in macOS-heavy environments: has secured and operated a predominantly macOS endpoint fleet: deploying / managing endpoint controls, telemetry collection, and performing investigations on macOS systems. Collaborative, straightforward communicator: writes clear incident updates and summaries; can explain risk, impact, and trade‑offs to both technical and non‑technical stakeholders; builds trust with partner teams during high‑pressure situations; comfortable handling the regular communication cadence of an incident Detections experience: ability to create and refine detections based on investigations and threat intelligence Previous coding experience (Python, Go, Rust, or similar): scripting for data parsing/enrichment and simple automations

Get help with your application

Your very own career expert that helps elevate your application to the next level.

Get help applying for this job

Preferred Requirements

Prior success in remote-first environments. Experience with detections‑as‑code (Sigma) development and workflows. Domain experience with blockchain/Web3 threats. Open-source contributions to security related projects.

All roles with Chainlink Labs are global and remote-based. Unless otherwise stated, we ask that you try to overlap some working hours with Eastern Standard Time (EST).

We carefully review all applications and aim to provide a response to every candidate within two weeks after the job posting closes. The closing date is listed on the job advert, so we encourage you to take the time to thoughtfully prepare your application. We want to fully consider your experience and skills, and you will hear from us regarding the status of your application shortly after the closing date.

Commitment to Equal Opportunity

Chainlink Labs is an equal opportunity employer. All qualified applicants will receive equal consideration for employment in compliance with applicable laws, regulations, or ordinances. If you need assistance or accommodation due to a disability or special need when applying for a role or in our recruitment process, please contact us via this form.

Global Data Privacy Notice for Job Candidates and Applicants

Information collected and processed as part of your Chainlink Labs Careers profile, and any job applications you choose to submit, is subject to our Recruiting Privacy Policy. By submitting your application, you are agreeing to our use and processing of your data as required.

Trusted by 25,000+ job seekers

“It took my CV and asked me questions relevant to understanding what kind of jobs to suggest for me. Suggestions were almost perfect. Jobs were exactly what I’ve been looking for.”

Jessica, London

Get help applying for this job

Skills

Incident Response
Security
Triage
Investigation
Communication
Detection
Automation
Python
Go
Rust
Cloud Security
Endpoint Security
Root-Cause Analysis
Post-Mortem
Threat Intelligence
Playbooks

Location

United Kingdom

Sign up to applySee more jobs like this