SOCEngineer(IncidentResponse)

## Description Binance is a leading global blockchain ecosystem behind the world’s largest cryptocurrency exchange by trading volume and registered users. We are trusted by 300+ million people in 100+ countries for our industry-leading security, user fund transparency, trading engine speed, deep liquidity, and an unmatched portfolio of digital-asset products. Binance offerings range from trading and finance to education, research, payments, institutional services, Web3 features, and more. We leverage the power of digital assets and blockchain to build an inclusive financial ecosystem to advance the freedom of money and improve financial access for people around the world. We’re looking for a security engineer with hands-on experience in Data Loss Prevention (DLP) and incident response, ideally within fintech, crypto, or high-security environments. The role goes beyond using commercial tools you’ll also design and build custom solutions, leverage automation, and adapt to emerging threats, including those driven by recent LLM/AI advancements. ## Responsibilities Design, deploy, and optimize DLP solutions across network, endpoint, and cloud. Build and refine data classification schemes for sensitive assets (wallets, trading algorithms, customer PII). Configure DLP policies to prevent data exfiltration while minimizing false positives. Monitor, analyze, and tune alerts and incidents for continuous improvement. Lead investigations of DLP incidents and insider threats, Conduct threat hunting and forensic analysis of data exfiltration attempts. Integrate DLP monitoring into broader SOC workflows and incident response playbooks. Build custom DLP tools and integrations (e.g., macOS Swift endpoint protection, Unix socket monitoring). Develop automation scripts, APIs, regexes and integrations to enhance detection and response. Explore AI/LLM-driven methods for anomaly detection and response efficiency. Ensure controls align with crypto and financial regulations (AML, KYC, GDPR