Position Summary: The Senior Security Operations Engineer will own day-to-day security operations across our cloud infrastructure and application workloads while partnering closely with our CTO and Information Security & Risk Officer. We're looking for someone who not only identifies risks, but actively helps solve them through automation, collaboration, and implementation.
Position Responsibilities:
- Detect, Protect, and Respond (Hands-On Security Operations)
  - Own day-to-day security operations for AWS-based cloud and serverless workloads including threat detection, alert triage, incident response, forensics, and post-incident learning.
  - Build and tune detections and automations (SIEM rules, SOAR/runbooks, detection-as-code) to reduce MTTA/MTTR and eliminate noisy alerts.
- Secure our delivery pipelines & runtime
  - Harden CI/CD and software supply chain, and drive "secure by default" patterns in our SDLC.
  - Lead cloud/serverless hardening (IaC reviews, policy-as-code, least privilege IAM design, network segmentation).
- Raise the bar across the organization (beyond prod)
  - Partner with DevOps and Engineering teams to evolve identity & access, endpoint/EDR posture.
  - Coordinate vulnerability management end-to-end: scanning, prioritization, remediation, and reporting.
  - Contribute to security governance (policies, standards, tabletop exercises, BCP/DR inputs) and support compliance efforts (e.g., SOC 2/PCI DSS).
- Influence, automate, and measure
  - Build security tooling and integrations for engineers, acknowledging that ease of use and low friction will encourage adoption and adherence.
  - Define metrics/KPIs and regularly communicate risk & progress to engineering and leadership.
  - Mentor engineers on secure design and champion a positive, enablement-first security culture.
  - Participate in architecture and threat modeling discussions to identify security risks early in the design process.
Positional Competencies:
- Strong programming skills (Node, TypeScript).
- Expertise in system administration, networking, and operating systems (Linux/Unix).
- Proficient in automation tools (GitHub Actions, CloudFormation, Terraform, Serverless, AWS SDK).
- Knowledge of AWS monitoring and logging tools such as CloudWatch, CloudTrail, Security Hub, GuardDuty, etc.
- Exceptional attention to detail with a preference for highly structured procedures.
- Solid grasp of CI/CD security, supply-chain risks, and IaC (Terraform) security reviews.
- Strong incident response skills across detection, investigation, containment, and recovery, especially in complex cloud-native environments.
Qualifications:
- Bachelor's degree in computer science, engineering, or a related field, or equivalent experience in a similar role within the technology sector.
- Applicants must be authorized to work in the U.S.
- 5 or more years of large-scale distributed system development.
- Minimum of 3 years' fintech experience, or equivalent experience with regulated environments with compliance requirements (e.g., SOC 2, PCI DSS).
- Minimum of 5 years working in Security Operations/Cloud Security/Blue Team roles, with deep, hands-on experience in AWS (IAM/GuardDuty/CloudTrail/CloudWatch).
- Practical expertise with SIEM/log analytics, EDR, and secrets management (e.g., Vault).
- Experience with cloud platforms (AWS preferred, GCP, Azure) and containerization technologies (Docker, ECS).
- Experience with CI/CD pipelines and tools (GitHub Actions).
- Willingness to participate in a shared on-call rotation for security incidents.
CORPORATE CORE COMPETENCIES:
- Drive Action & Results
  - Take on new opportunities with enthusiasm
  - Achieve results even in tough circumstances
  - Take personal accountability for decisions and actions
- Adapt to Change
  - Operate effectively when things are uncertain
  - Proactively acquire and evaluate information and adapt approach to match shifting demands/situations
  - Rebound from setbacks
- Embrace Innovation
  - Create new and better ways to approach challenges and develop solutions
  - Learn through experimentation
  - Encourage feedback and seek opportunities to work better/smarter/faster
  - Show personal commitment and take action to continuously improve
- Create Diversity & Foster Collaboration
  - Actively bring, seek, engage, and honor diverse perspectives
  - Identify and address barriers to inclusion to ensure equity and center belonging
  - Work collaboratively and build partnerships to meet shared objectives
PHYSICAL REQUIREMENTS: The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job.
While this is primarily a sedentary role, the employee is regularly required to talk and hear. The employee is also required to sit; stand; walk; use hands to finger, handle, or feel; and reach with hands and arms. Specific vision abilities required by this job include close vision, depth perception, and the ability to adjust focus.