
Senior Security Operations Engineer
Posted Jun 21

This is a fully remote position, open to applicants in the United States.
• Manage daily security operations for cloud and serverless workloads on AWS, which includes threat detection, alert triage, incident response, forensics, and post-incident analysis.
• Develop and optimize detection and automation processes (SIEM rules, SOAR/runbooks, detection-as-code) to minimize MTTA/MTTR and eliminate false alerts.
• Ensure the security of our delivery pipelines and runtime by enhancing CI/CD practices, securing the software supply chain, and promoting “secure by default” principles in our SDLC.
• Oversee cloud/serverless security hardening (IaC reviews, policy-as-code, least privilege IAM design, network segmentation).
• Collaborate with DevOps and Engineering teams to improve identity and access management, as well as endpoint/EDR security posture.
• Manage the end-to-end vulnerability management process: scanning, prioritization, remediation, and reporting.
• Contribute to security governance, including policies, standards, tabletop exercises, and input for BCP/DR, while also supporting compliance initiatives (e.g., SOC 2/PCI DSS).
• Develop security tools and integrations for engineers, ensuring ease of use and minimal friction to foster adoption and compliance.
• Establish metrics and KPIs, regularly communicating risk and progress to engineering teams and leadership.
• Mentor engineers on secure design practices and advocate for a positive, enablement-first security culture.
• Engage in architecture and threat modeling discussions to identify security risks early in the design phase.
• Bachelor's degree in computer science, engineering, or a related discipline, or equivalent experience in a similar technology role.
• A minimum of 5 years' experience in developing large-scale distributed systems.
• At least 3 years of experience in the fintech sector, or equivalent experience in regulated environments with compliance requirements (e.g., SOC 2, PCI DSS).
• A minimum of 5 years in Security Operations/Cloud Security/Blue Team roles, with substantial hands-on experience in AWS (IAM/GuardDuty/CloudTrail/CloudWatch).
• Practical knowledge of SIEM/log analytics, EDR, and secrets management (e.g., Vault).
• Familiarity with cloud platforms (preferably AWS, but also GCP, Azure) and container technologies (Docker, ECS).
• Experience with CI/CD pipelines and associated tools (GitHub Actions).
• Willingness to participate in a shared on-call rotation for security incidents.
• Strong programming capabilities (Node, TypeScript).
• Expertise in system administration, networking, and operating systems (Linux/Unix).
• Proficient in automation tools (GitHub Actions, CloudFormation, Terraform, Serverless, AWS SDK).
• Flexible and fully remote work environment that enables a seamless balance between professional and personal life.
• Health insurance coverage.
• Opportunities for professional development.
Xepelin
NuHarbor Security
Veeam Software