Senior Infrastructure Security Engineer

Role Overview

Join Matter Labs as a Senior Infrastructure Security Engineer to secure the corporate and production infrastructure powering ZKsync. You’ll build and improve defenses across identity, endpoint, and detection-and-response, working closely with IT Ops, DevOps, Protocol Security, and Engineering.

Key Missions

• Ensure security for enterprise and production infrastructure behind ZKsync, owning defenses across identity, endpoint, and detection/response.
• Collaborate with IT Ops, DevOps, Protocol Security, and Engineering to integrate security into day-to-day operations.
• Lead and participate in end-to-end security incident investigations, improving procedures and detection quality after each incident.

Responsibilities / What You’ll Be Doing

• Implement and operate security controls beyond default settings (IAM, governance, guardrails).
• Build durable detections and maintain detection/response operations (SIEM/SOAR).
• Handle incident response end-to-end, including on-call participation and leading investigations.
• Secure and harden a macOS-dominant endpoint fleet (MDM, hardening baselines, EDR), including Mac-specific attack paths and telemetry reasoning.
• Apply security automation practices using Infrastructure as Code and secrets management.

Requirements

• 5+ years hands-on experience in infrastructure security and/or detection-and-response security.
• Production experience securing cloud-based identity and collaboration platforms at scale, including specific policies, third-party app governance, and incident work.
• Strong cloud security background: IAM, network controls, workload identity, and org-level guardrails.
• Proven incident response experience: security on-call and investigations to conclusion.
• Clear, constructive technical communication with both engineering and non-technical stakeholders.
• Practical macOS endpoint security experience: MDM, endpoint hardening baselines, EDR; understanding Mac telemetry and attack paths.
• Hands-on experience with a modern SIEM/SOAR: writing detections, onboarding log sources, response playbooks, and tuning to reduce false positives.
• Comfort with Infrastructure as Code, secrets management, and security automation.

Nice to Have

• Blockchain/Web3 exposure: validator/sequencer operations, key management for on-chain systems, or wallet operations (hot/cold).
• Background related to Ethereum, Solidity, or ZK.
• Compliance experience with SOC 2 and/or ISO 27001 (control mapping, evidence collection, auditor work).
• Detection engineering as code: Git-based rule management, CI for detections, purple-team validation.
• Kubernetes security (admission control, runtime detection, supply chain).
• Experience working in lean security teams with end-to-end domain ownership.