OpenFX - Security Operations Center (SOC) Engineer
Requirements
• 8 to 12+ years in cybersecurity operations
• Proven experience building or maturing a SOC in a complex environment
• Deep experience in incident response and security investigations
• Hands-on experience with SIEM platforms and detection rule engineering
• Strong knowledge of cloud security (AWS/GCP/Azure), identity systems, and SaaS telemetry
• Experience defining KPIs, dashboards, and operational metrics
• Strong leadership and team management experience
• Ability to communicate risk clearly to executives and non-technical stakeholders

Strongly Preferred (Accelerates Ramp)
• Experience in fintech, payments, or high-transaction financial systems
• Knowledge of SOC 2, ISO 27001, NIST, CIS
• Experience with EDR, SOAR, DLP, CASB, MDM, Email Security
• Familiarity with fraud detection models and transaction risk monitoring
• Experience in Product Security and CI/CD Security
• CISSP, CISM, CISA, or equivalent certifications
Responsibilities
• Build and operationalize a fintech-grade SOC function
• Define monitoring strategy across cloud, infra, identity, endpoints, and transaction systems
• Establish detection coverage aligned to MITRE ATT&CK and fraud threat models
• Own incident response end-to-end
• Lead containment, eradication, and recovery for security incidents
• Run post-incident reviews with clear root cause analysis and systemic fixes
• Minimize blast radius and reduce time to detect (MTTD) and respond (MTTR)
• Design and mature detection engineering
• Define high-signal alerting strategy (reduce noise, increase signal)
• Improve SIEM use cases, telemetry coverage, correlation rules
• Build measurable detection coverage maps
• Define security KPIs & KRIs
• Track detection coverage, false positive rate, incident severity trends
• Establish executive dashboards with actionable metrics
• Quantify operational risk reduction
• Embed SOC into engineering and product workflows
• Integrate security review into new feature launches
• Ensure logging, telemetry, and auditability are designed upfront
• Partner with backend, infra, and platform teams to close systemic gaps
• Reduce systemic financial risk
• Align security monitoring with transaction flows, reconciliation pipelines, and money movement controls
• Detect abnormal patterns in account behavior, API misuse, and privilege escalation
• Build and scale the SecOps team
• Hire, mentor, and level up analysts and detection engineers
• Define shift models (if required), escalation paths, and on-call processes
• Establish a culture of ownership and precision
• Operationalize compliance through execution
• Ensure SOC processes support ISO 27001, PCI DSS, NIST, and regulatory requirements
• Produce defensible evidence for audits

What Success Looks Like
• Reduced security risk exposure: fewer critical incidents, reduced dwell time, measurable control maturity
• Operational excellence: clear runbooks, high-quality incident handling, low alert fatigue
• Detection quality: high signal-to-noise alerts, proactive threat hunting, coverage against key attack vectors
• Executive trust: leadership has clear visibility into risk posture and remediation progress
• Team quality: analysts are strong, accountable, and growing; the SOC becomes a force multiplier
• Security embedded in product velocity: engineering moves fast without increasing risk
Benefits
• Competitive salary and benefits package.
• Equity in a rapidly growing company.
• Opportunity to work in a fast-paced startup at the forefront of fintech innovation.
• Opportunity to make a significant impact on global financial infrastructure.
• Collaborative work culture with emphasis on personal and professional growth.