SecOps Engineer

Overview

We are looking for a hands-on Security Operations Engineer to own and evolve our security posture across infrastructure, endpoints, and internal systems. You will be the primary driver of day-to-day security operations — from managing protective tooling to responding to incidents and coordinating audits. This is a high-ownership role with direct impact on how the company detects, responds to, and prevents security threats.

• Security Systems Management:
  Own the configuration, maintenance, and continuous improvement of security tooling across the organization — including DLP (Data Loss Prevention), MDM (Mobile Device Management), SIEM, and endpoint protection platforms. Ensure policies are enforced, coverage is complete, and tooling stays current with evolving threats and business needs
• Incident Management:
  Act as the first responder for security incidents: triage alerts, investigate root causes, coordinate containment and remediation, and produce clear post-mortem reports. Build and refine runbooks and playbooks to reduce response time and improve team readiness over time
• Infrastructure Security:
  Partner with Dev Ops and Engineering teams to embed security across cloud infrastructure, Kubernetes workloads, CI/CD pipelines, and network layers. Conduct regular reviews of IAM policies, secrets management, network segmentation, and access controls to identify and close gaps before they become incidents
• Audit & Penetration Testing:
  Coordinate internal and external security audits, manage relationships with pentest vendors, and track remediation of findings through to closure. Conduct ongoing vulnerability assessments and support compliance activities (SOC 2, ISO 27001, PCI DSS, or equivalent) by maintaining evidence and responding to auditor requests

• Hands-on experience administering DLP platforms (Forcepoint, Symantec DLP, Teramind, Nightfall, or similar) — policy authoring, tuning, and alert management
• MDM administration experience:
  Jamf, Kandji, Microsoft Intune, or equivalent — device enrollment, compliance policies, remote wipe, certificate management
• Familiarity with PAM solutions (Cyber Ark, Hashi Corp Vault, Beyond Trust) and secrets lifecycle management
• Email security tooling: DMARC/DKIM/SPF configuration, anti-phishing platforms (Proofpoint, Mimecast)

• Network security fundamentals: firewall rule management, IDS/IPS configuration, zero-trust access models, VPN and ZTNA (Cloudflare Access, Tailscale, Zscaler)
• Infrastructure-as-Code security scanning:
  Checkov, tfsec, KICS for Terraform/Helm/Kubernetes manifests

• Structured incident response methodology: NIST SP 800-61, PICERL, or equivalent framework
• Digital forensics basics: memory and disk image acquisition, log preservation and chain of custody, timeline reconstruction
• Threat intelligence platforms and feeds: MISP, OpenCTI, Virus Total, Shodan — IOC enrichment and threat correlation
• Practical knowledge of MITRE ATT&CK framework for detection mapping and adversary emulation

• Vulnerability scanning and management:
  Nessus, Qualys, Wiz, Orca Security — prioritization, SLA tracking, and remediation coordination
• Pentest coordination: scoping, managing NDA/RoE, validating findings, tracking remediation through to closure
• Web application security fundamentals: OWASP Top 10, common API vulnerabilities, ability to validate findings from external researchers

• Experience in fintech, crypto, or another regulated industry
• Relevant certifications: OSCP, CEH, GCIA, GCIH, GWAPT, Security+, CISSP, AWS Security Specialty, or CKS (Certified Kubernetes Security Specialist)
• Compliance frameworks: SOC 2 Type II, ISO 27001, PCI DSS — evidence collection, control mapping, auditor interaction
• Exposure to blockchain-specific security considerations: smart contract audit basics, wallet security, on-chain threat monitoring
• Experience operating or hardening Web3-facing infrastructure
• SIEM deployment and tuning:
  Splunk, Elastic SIEM, Microsoft Sentinel, or similar — writing detection rules, building dashboards,…