Security and Threat Operations Engineer
Employment Information
Report this job
Job expired or something wrong with this job?
Job Description
Security and Threat Operations Engineer protecting the fintech environment at OnePay. Collaborating with teams to proactively identify and respond to security threats.
Responsibilities:
- Build and tune detections, alerts, and monitoring workflows across cloud, application, identity, and edge environments.
- Review traffic patterns across APIs, authentication flows, and WAF telemetry to identify malicious activity, abuse patterns, and anomalous behavior.
- Use AI responsibly as a force multiplier for triage, analysis, and workflow automation, while helping define guardrails for AI-enabled systems.
- Help operate OnePay’s vulnerability management program by triaging, prioritizing, and driving remediation for findings from Wiz, vulnerability scanning, and related workflows.
- Develop Python-based tooling and automation to improve investigations, enrichment, response, and operational scale.
- Partner with Product Security to translate threat models, security reviews, and product risks into production detections and response playbooks.
- Investigate security events end to end, including triage, scoping, containment support, and follow-through on remediation.
- Support vulnerability management and operational security practices in ways that align with PCI and SOC 2 expectations.
- Participate in proactive threat hunting, detection improvement, and a 24x7 security incident response on-call rotation.
Requirements:
- 5+ years of experience in information security, threat detection, security operations, detection engineering, or incident response, ideally in a cloud-native or product-focused environment.
- Strong experience investigating suspicious activity in web, API, authentication, and infrastructure telemetry, with the ability to distinguish attacker behavior from normal production noise.
- Demonstrated ability to review traffic and event patterns for signs of malicious activity, fraud, account abuse, credential attacks, reconnaissance, and exploitation attempts.
- Strong Python programming skills and the ability to write maintainable code for automation, enrichment, analysis, and security operations tooling.
- Experience building and tuning detections in a SIEM or detection platform and working with observability and logging systems such as CloudWatch, Datadog, or similar platforms.
- Experience operating or supporting a vulnerability management program, including triage, prioritization, remediation tracking, and stakeholder coordination.
- Familiarity with cloud and application security findings from platforms such as Wiz, including CNAPP, runtime, code, and vulnerability scanning use cases.
- Experience with at least one major cloud provider, preferably AWS.
- Working knowledge of identity and access systems, modern authentication flows, and the security implications of internet-facing applications and APIs.
- Strong understanding of threat modeling, risk prioritization, and practical security controls across applications, infrastructure, and cloud environments.
- Practical experience using AI tools in security workflows, along with sound judgment about AI-specific risks such as prompt injection, data leakage, excessive tool access, and weak auditability.
- Excellent analytical, communication, and cross-functional collaboration skills, especially in environments where security needs to move quickly with product and engineering teams
Benefits:
- Competitive base salary and stock options
- Health benefits effective from Day 1
- 401(k) plan with company match
- Remote-friendly (US), flexible time-off (FTO), paid parental and caregiver leave
- Generous stock option packages in an early-stage, high-growth fintech
- A high-growth, mission-driven, inclusive culture where your work has real impact
Similar Jobs
Cybersecurity Lead
Lead Cybersecurity Strategy at Intersect, safeguarding critical systems in a cloud-first environment. Collaborate cross-functionally to integrate security practices for innovative energy solutions.
Principal, Multicloud Data Center Solutions – AI, Data Security & Resilience
Lead development of solutions for enterprise Multicloud/Data Center, AI & Data and Security & Resilience at Dell Technologies. Engage with customers and drive transformative technology solutions.
Lead Security Officer – Rotational
Lead Security Officer ensuring health, safety and security for clients in remote settings. Providing oversight, training, and recommendations based on security operations.
Security Officer, Seasonal
Remote Security Officer monitoring and patrolling assigned areas for safety and security. Working in remote settings where health, safety, and security is a priority.
Platform Engineer, Security
Platform & Security Engineer responsible for IT infrastructure and security at Cosuno. Leading compliance and operational excellence in a remote role.
Security Implementation Engineer
Security Implementation Engineer responsible for deploying, configuring, and implementing cybersecurity solutions. Focused on security infrastructure projects across customer environments in Logically's client base.
Senior Manager – Data Protection, Information Security Program
Senior Manager in Data Protection implementing controls and driving initiatives at leading MENA financial institution. Ensuring compliance and enhancing data protection controls across the organization.
Cybersecurity Associate Internship
Cybersecurity Associate Internship helping secure government and intelligence projects for GDIT's Summer Internship Program. Collaborating with professionals and enhancing skills in a supportive environment.
Principal Security Engineer
Principal Security Engineer at Aspirion focusing on Cloud Security architecture and execution. Driving secure solutions for clients in revenue cycle services while leading technical initiatives.
Member of Technical Staff – Security
Security Engineer building and improving AI security scanning and detection products to protect enterprise AI. Collaborating with senior engineers and shaping secure AI adoption.
Information Security Engineer III
Information Security Engineer ensuring secure software function at global commerce platform. Collaborating with teams to secure applications and infrastructure with regulatory compliance.
Senior Manager, Security Delivery
Senior Manager leading security operations team; managing vulnerability analysis and engineering tasks for client accounts. Enhancing security service delivery and operational excellence.
Sales Specialist – Data & AI Security
Sales Specialist driving growth for Securiti AI solutions at Veeam Software. Focusing on territory planning and cross-selling into existing accounts.
Director, Physical Security, Safety
Director of Physical Security leading safety and investigative operations for D-Wave. Ensuring protection of people, facilities, and research environments while managing complex investigations.
Security Manager
Security Manager overseeing the tactical operations of security at XTIUM. Managing incident response and security workflows in a fast-paced environment.
Director, Security
Director of Security leading the security program and governance at XTIUM. Collaborating across teams to enhance security operations and compliance with executive leadership.
Principal Product Manager – Platform Security
Principal Product Manager leading strategic Account Security initiative for Platform at Workiva. Defining and scaling premium security offerings with advanced capabilities for enterprise-grade security.
Security Architect, SME
Security Architect SME leading the development of security architecture guidance for a large government agency. Collaborating on cloud and on-premise projects using leading edge technology.
Quality, Security & Certification Compliance Manager
Quality, Security & Certification Compliance Manager managing enterprise certification frameworks for ISO, CMMI, and CMMC compliance. Leading cross-functional coordination and supporting proposal teams with certification validation and documentation.
Cloud Security Engineer
Cloud Security Engineer responsible for implementing and managing security controls across Microsoft 365 and Azure environments. Collaborating with teams to ensure compliance and security effectiveness.