
Senior Security Operations Engineer
Posted 17 hours ago

• Take charge of daily security operations for AWS-based cloud and serverless environments, focusing on threat detection, alert management, incident response, forensics, and lessons learned post-incident.
• Develop and optimize detection mechanisms and automations (SIEM rules, SOAR/runbooks, detection-as-code) to improve Mean Time to Acknowledge (MTTA) and Mean Time to Respond (MTTR) while minimizing false alerts.
• Ensure the security of our delivery pipelines and runtime by enhancing CI/CD processes and software supply chains, promoting "secure by default" practices within our Software Development Life Cycle (SDLC).
• Oversee the hardening of cloud/serverless infrastructures (Infrastructure as Code reviews, policy-as-code, least privilege IAM design, network segmentation).
• Collaborate with DevOps and Engineering teams to advance identity and access management, as well as endpoint/EDR security posture.
• Manage the complete vulnerability management lifecycle, including scanning, prioritization, remediation, and reporting.
• Contribute to security governance initiatives (policies, standards, tabletop exercises, BCP/DR inputs) and assist in compliance efforts (e.g., SOC 2/PCI DSS).
• Develop security tools and integrations for engineers, emphasizing user-friendliness and low friction to promote widespread adoption and compliance.
• Establish metrics and Key Performance Indicators (KPIs) while consistently communicating risks and progress to engineering teams and leadership.
• Guide engineers in secure design practices and advocate for a positive, enablement-first security culture.
• Engage in architecture and threat modeling discussions to identify potential security risks early in the design phase.
• Bachelor’s degree in computer science, engineering, or a related field, or equivalent experience in a similar position within the technology industry.
• At least 5 years of experience in large-scale distributed system development.
• Minimum of 3 years of experience in fintech or similar roles within regulated environments that require compliance (e.g., SOC 2, PCI DSS).
• At least 5 years of experience in Security Operations/Cloud Security/Blue Team roles, with substantial hands-on experience in AWS (IAM/GuardDuty/CloudTrail/CloudWatch).
• Strong practical knowledge of SIEM/log analytics, EDR, and secrets management tools (e.g., Vault).
• Familiarity with cloud platforms (AWS preferred, GCP, Azure) and containerization technologies (Docker, ECS).
• Experience with CI/CD pipelines and tools (e.g., GitHub Actions).
• Willingness to participate in a shared on-call rotation for responding to security incidents.
• Proficient programming skills (Node, TypeScript).
• Expertise in system administration, networking, and operating systems (Linux/Unix).
• Skilled in automation tools (GitHub Actions, CloudFormation, Terraform, Serverless, AWS SDK).
• Flexible and fully remote work arrangement that enables you to effectively balance your professional and personal life.
• Health insurance coverage.
• Opportunities for professional development.
CI&T