oneapp - Security and Threat Operations Engineer

Remote - United States (Remote) · $140k - $190k + Equity · 3w ago
Tags: Remote · Senior · NA · Cybersecurity · Cloud Computing · Security Engineer · Python · Datadog · AWS · Cross-functional Collaboration · TypeScript

Requirements

• 5+ years of experience in information security, threat detection, security operations, detection engineering, or incident response, ideally in a cloud-native or product-focused environment.
• Strong experience investigating suspicious activity in web, API, authentication, and infrastructure telemetry, with the ability to distinguish attacker behavior from normal production noise.
• Demonstrated ability to review traffic and event patterns for signs of malicious activity, fraud, account abuse, credential attacks, reconnaissance, and exploitation attempts.
• Strong Python programming skills and the ability to write maintainable code for automation, enrichment, analysis, and security operations tooling.
• Experience building and tuning detections in a SIEM or detection platform and working with observability and logging systems such as CloudWatch, Datadog, or similar platforms.
• Experience operating or supporting a vulnerability management program, including triage, prioritization, remediation tracking, and stakeholder coordination.
• Familiarity with cloud and application security findings from platforms such as Wiz, including CNAPP, runtime, code, and vulnerability scanning use cases.
• Experience with at least one major cloud provider, preferably AWS.
• Working knowledge of identity and access systems, modern authentication flows, and the security implications of internet-facing applications and APIs.
• Strong understanding of threat modeling, risk prioritization, and practical security controls across applications, infrastructure, and cloud environments.
• Practical experience using AI tools in security workflows, along with sound judgment about AI-specific risks such as prompt injection, data leakage, excessive tool access, and weak auditability.
• Excellent analytical, communication, and cross-functional collaboration skills, especially in environments where security needs to move quickly with product and engineering teams.
• We use Node and TypeScript on the server, leveraging the NestJS framework within a microservice-oriented architecture running on Kubernetes and AWS. On the client side, we build and ship product features for iOS, Android, and web platforms using React Native. While you don’t need experience with our exact stack, familiarity with modern software engineering practices will help you ramp up quickly.

Responsibilities

• Build and tune detections, alerts, and monitoring workflows across cloud, application, identity, and edge environments.
• Review traffic patterns across APIs, authentication flows, and WAF telemetry to identify malicious activity, abuse patterns, and anomalous behavior.
• Use AI responsibly as a force multiplier for triage, analysis, and workflow automation, while helping define guardrails for AI-enabled systems.
• Help operate OnePay’s vulnerability management program by triaging, prioritizing, and driving remediation for findings from Wiz, vulnerability scanning, and related workflows.
• Develop Python-based tooling and automation to improve investigations, enrichment, response, and operational scale.
• Partner with Product Security to translate threat models, security reviews, and product risks into production detections and response playbooks.
• Investigate security events end to end, including triage, scoping, containment support, and follow-through on remediation.
• Support vulnerability management and operational security practices in ways that align with PCI and SOC 2 expectations.
• Participate in proactive threat hunting, detection improvement, and a 24x7 security incident response on-call rotation.

Benefits

• $140K – $190K
• Offers Equity
• Pay is generally based upon the level, complexity, responsibility, location and job duties / requirements of the specific position. We then source candidates with the requisite skills, expertise, education, training, and experience. If you are selected for an interview, please feel welcome to speak to a Talent Partner about our compensation philosophy and other available benefits.
• Please note: to ensure that candidates select the most relevant jobs for their skills, we have set up limits to the number of times candidates can apply. The following limits apply to all roles at One:
  • Candidates may only apply once (1) for the same role over a span of three (3) months
  • Candidates are limited to two (2) separate applications at a time, to focus on roles that are the best fit for them
