Jobs · ashby:ledger
Staff SecOps Engineer
Solstice Analytics · Paris, France · Posted 13d ago
About the role
Protect Solstice Analytics’s corporate and cloud environments by anticipating and responding to cyber threats.
We’re a team of experts pushing the limits of what’s possible, united by our common goal to unlock true freedom through digital ownership, making technology accessible for all. We believe in a world where users, creators and enterprises manage their value with ownership and freedom. Our curiosity drives us to innovate, empowering individuals on a global scale. We believe change is constant and our team moves forward as one, with a culture of problem-solving where every employee is empowered and supported to challenge tradition and create solutions. Our mission is simple: to make self-custody accessible and give people the keys to their own financial futures. If you want to make a true impact, we want you to join us at Solstice Analytics.
At Solstice Analytics, we’re proud to be the global platform for digital assets and Web3, with over 20% of the world’s crypto assets secured through our Solstice Analytics devices. With our headquarters in Paris, and offices in Vierzon, Grenoble, Montpellier, London, Portland, Geneva, Zurich and Central Singapore, we have a team of around 600 professionals developing a variety of products and services to enable individuals and companies to securely buy, store, swap, grow and manage crypto assets – including the Solstice Analytics hardware wallets line with more than 7.5 millions units already sold in 200 countries.
The team:
You’ll join the Security Operations team, responsible for protecting Solstice Analytics’s corporate, cloud, SaaS, and data center environments. Its mission: to anticipate, detect, investigate, and respond to cyber threats—including monitoring, alert triage, incident response, detection, visibility, automation, exposure tracking, and continuous process improvement. The scope is distinct from that of the Donjon (product security): SecOps covers the operational security of internal environments, the cloud, endpoints, workloads, identities, and infrastructure.
As a close-knit and experienced team—technically demanding and committed to knowledge sharing—we’re also continuously building the SOC itself: integrating new log sources, ensuring data quality, expanding detection coverage, and developing reliable dashboards and operational workflows.
Our technical stack includes:
– Splunk for SIEM, investigations, and dashboards;
– CrowdStrike for EDR and endpoint/workload security;
– Wiz for cloud security and exposure management;
– Torq for SOAR and automation;
– AWS, including modern environments such as EKS/Kubernetes;
– An in-house developed Agentic SOC for alert enrichment, correlation, investigation support, reporting, and automation.
AI is at the heart of how we work: investing in AI applied to security is a strategic priority for Solstice Analytics this year. We’ve built our own in-house Agentic SOC, which autonomously investigates weak signals—the large volume of unreliable alerts that a human team couldn’t sort through manually—and enriches them, so our engineers can focus on what matters most and resolve incidents faster: high-quality detection, noise reduction, and accelerated investigations.
What you’ll be doing:
As a Staff Security Operations Engineer, you're one of the most senior technical voices on the team: a hands-on generalist who can dig deep into any layer of our stack, step back to see the whole picture, and bring clear, calm judgment when the stakes are highest.
Anchor critical-incident response (CSIRT)
– Bring senior technical leadership to our most complex incidents — cloud, corporate, endpoints, identities, data center — working with the team, not in isolation.
– Lead complex investigations end to end, alongside the team: root cause analysis, forensics, timeline reconstruction, and remediation that prevents recurrence.
– Be a trusted escalation point, and keep our handling, escalation, and documentation rigorous and consistent.
Set the direction on detection & threat hunting
– Set the direction of our detection strategy, architecture, and methodology — with the team — and bring a clear point of view on where to invest next.
– Contribute to proactive threat hunting — turning CTI and OSINT into risks caught before they reach Solstice Analytics.
– Take on our thorniest detection problems and translate threat intel into concrete posture improvements.
Evolve the architecture & the Agentic SOC
– Drive how our Splunk and Torq (SOAR) setup evolves so detection, triage, and response keep getting better — focused on detection quality, data standardization (CIM, data models), and usability, not day-to-day platform administration.
– Contribute to the architecture of our Agentic SOC and log/data pipeline, and help automate the team's reporting. (No need to arrive as a software/data engineer — an engineering mindset and the drive to build matter more.)
– Bring cloud-security judgment (AWS, EKS/Kubernetes) and use Wiz to prioritize exposure at scale.
Raise the bar across the team
– Define the standards, playbooks, and runbooks the team relies on.
– Grow senior and junior engineers through review, pairing, and everyday knowledge sharing — a force multiplier through influence and example, not formal management.
– Partner with Engineering, Infrastructure, IT, and Cloud to align operational security with where Solstice Analytics is heading.
What we’re looking for:
– ~9 years (or a track record that speaks for itself) in security operations, incident response, and CSIRT, with real depth in complex, end-to-end investigations.
– The ability to lead technically under pressure and stay structured when things are ambiguous.
– Hands-on SIEM experience (ideally Splunk): writing and refining queries for investigation and detection.
– Solid cloud-security fundamentals (ideally AWS): IAM/identity, audit logs (CloudTrail, GuardDuty), and a working understanding of workloads, containers, and Kubernetes (EKS) — enough to scope and investigate a cloud or container incident, and go deeper as needed.
– Comfort automating with Python, Bash, APIs, GitHub Actions, or a SOAR platform.
– Clear communication of complex topics, strong documentation habits, and sound judgment with sensitive information.
Read the full posting on ashby:ledger →
FAQ
Is the Staff SecOps Engineer role at Solstice Analytics remote?+
This Staff SecOps Engineer position is listed as onsite (Paris, France).
What is the salary for the Staff SecOps Engineer role at Solstice Analytics?+
The listing states Estimated 110k-238k USD.
What seniority level is this Staff SecOps Engineer role?+
This is a lead level position.
How do I apply for the Staff SecOps Engineer role at Solstice Analytics?+
Use the "Apply on ashby:ledger" button to open the original posting on ashby:ledger, where you can submit your application directly to Solstice Analytics.