Security Operations Engineer

Alpaca is a US-headquartered self-clearing broker‑dealer and brokerage infrastructure for stocks, ETFs, options, crypto, fixed income, 24/5 trading, and more. Our recent Series D funding round brought our total investment to over $320 million, fueling our ambitious vision.

Amongst our subsidiaries, Alpaca is a licensed financial services company, serving hundreds of financial institutions across 40 countries with our institutional‑grade APIs. This includes broker‑dealers, investment advisors, wealth managers, hedge funds, and crypto exchanges, totalling over 9 million brokerage accounts.

Our global team is a diverse group of experienced engineers, traders, and brokerage professionals who are working to achieve our mission of opening financial services to everyone on the planet
. We're deeply committed to open‑source contributions and fostering a vibrant community, continuously enhancing our award‑winning, developer‑friendly API and the robust infrastructure behind it.

Alpaca is proudly backed by top‑tier global investors, including Portage Ventures, Spark Capital, Tribe Capital, Social Leverage, Horizons Ventures, Unbound, SBI Group, Derayah Financial, Elefund, and Y Combinator.

We're a dynamic team of 230+ globally distributed members who thrive working from our favorite places around the world, with teammates spanning the USA, Canada, Japan, Hungary, Nigeria, Brazil, the UK, and beyond!

We're searching for passionate individuals eager to contribute to Alpaca's rapid growth. If you align with our core values—Stay Curious, Have Empathy, and Be Accountable—and are ready to make a significant impact, we encourage you to apply.

We are seeking a Security Operations Engineer to mature Alpaca's day‑to‑day security operations. This role will be responsible for managing our third‑party SOC relationship, operating and tuning our on‑prem SIEM, and acting as a critical bridge between IT Helpdesk and the Security team to ensure security issues are identified, triaged, and resolved quickly and consistently.

You will be both hands‑on and operationally minded: improving detection quality, streamlining alert triage, coordinating incident response, and ensuring security operations scale with the business. You'll play a key role in turning security signals into action and ensuring operational issues don't become security incidents.

This role reports to the Enterprise Security Architect and works closely with IT, Dev Ops, Engineering, and our external SOC partner.

The Security Team is 100% distributed and remote.

The core responsibilities of the Security Operations Engineer are focused on detection, response, operational excellence, and cross‑functional coordination.

• Manage third‑party SOC relationship and ensure effective service delivery.
• Operate and tune on‑prem SIEM to detect and analyze security events.
• Act as a bridge between IT Helpdesk and Security team for issue triage.
• Improve detection quality and streamline alert triage processes.
• Coordinate incident response and ensure quick, consistent resolution.
• Ensure security operations scale with the business and transform signals into action.