
Security Operations Center (SOC) Engineer

OpenFX
Bengaluru/Remote · Apr 2, 2026 · Posted 9 days ago

Description

About Us

OpenFX is on a mission to move money as freely as data, unrestricted by time zones, banking hours, or legacy systems. We are building the infrastructure that will power the next generation of cross-border payment systems for institutions. The team's execution has been exceptional, and we're scaling at a remarkable pace. Our stellar early team comes with experience in companies like J.P. Morgan, Goldman Sachs, FalconX, PayPal, Affirm, Polygon, Kraken, Nium & others. We're backed by Accel, Faction, NfX, Accomplice, and other top-tier investors.

Role Overview

OpenFX processes billions of dollars in transaction volume every month across global corridors, connecting banks, liquidity providers, and third-party systems in real time. As transaction volume and geographic footprint scale, so does our threat surface. We need a SOC Engineer who can build and own a high-performance security operations function—one that detects early, responds decisively, reduces systemic risk, and scales ahead of growth. In fintech, a delayed alert is money lost and a missed signal is reputational damage. Security must be operational, measurable, and deeply integrated into how we ship and scale.

Key Responsibilities

- Build and operationalize a fintech-grade SOC function with monitoring across cloud, infrastructure, identity, endpoints, and transaction systems
- Establish detection coverage aligned to MITRE ATT&CK and fraud threat models
- Lead incident response end-to-end: containment, eradication, recovery, and post-incident reviews with clear root cause analysis
- Minimize blast radius and reduce mean time to detect (MTTD) and respond (MTTR)
- Design high-signal alerting strategy to reduce noise and improve SIEM use cases, telemetry coverage, and correlation rules
- Define and track security KPIs and KRIs including detection coverage, false positive rate, and incident severity trends
- Integrate security review into new feature launches and ensure logging, telemetry, and auditability are designed upfront
- Align security monitoring with transaction flows, reconciliation pipelines, and money movement controls
- Detect abnormal patterns in account behavior, API misuse, and privilege escalation
- Hire, mentor, and level up analysts and detection engineers; define escalation paths and on-call processes
- Ensure SOC processes support ISO 27001, PCI DSS, NIST, and regulatory requirements with defensible evidence for audits

What We're Looking For

Required

- 8 to 12+ years in cybersecurity operations
- Proven experience building or maturing a SOC in a complex environment
- Deep experience in incident response and security investigations
- Hands-on experience with SIEM platforms and detection rule engineering
- Strong knowledge of cloud security (AWS/GCP/Azure), identity systems, and SaaS telemetry
- Experience defining KPIs, dashboards, and operational metrics
- Strong leadership and team management experience
- Ability to communicate risk clearly to executives and non-technical stakeholders

Preferred

- Experience in fintech, payments, or high-transaction financial systems
- Knowledge of SOC 2, ISO 27001, NIST, CIS
- Experience with EDR, SOAR, DLP, CASB, MDM, Email Security
- Familiarity with fraud detection models and transaction risk monitoring
- Experience in Product Security and CI/CD Security
- CISSP, CISM, CISA, or equivalent certifications

What We Offer

- Competitive salary and benefits package.
- Equity in a rapidly growing company.
- Opportunity to work in a fast-paced startup at the forefront of fintech innovation.
- Opportunity to make a significant impact on global financial infrastructure.
- Collaborative work culture with emphasis on personal and professional growth.

We are committed to building a diverse and inclusive workplace. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status.