Security Operations Center (SOC) Engineer at OpenFX


Location: Bengaluru/Remote

Job Description

The Problem

OpenFX processes billions of dollars in transaction volume every month across global corridors. Our backend systems power pricing, routing, settlement, reconciliation, compliance, and risk. These systems sit directly on the money path, where correctness, reliability, and latency are non-negotiable. Our systems connect banks, liquidity providers, third-party systems, internal applications, identity systems, and cloud infrastructure, all operating in real time.

As transaction volume and geographic footprint scale, so does our threat surface.

We face:
- Sophisticated financial fraud attempts
- Account takeovers and identity abuse
- Insider risk
- Infrastructure exploitation
- Third-party integration risk
- Regulatory and compliance obligations

In fintech, a delayed alert is money lost. A missed signal is reputational damage. A weak process is regulatory exposure.

Security cannot be reactive or checkbox-driven. It must be operational, measurable, 24/7 capable, and deeply integrated into how we ship and scale.

We need a SOC Lead who can build and own a high-performance security operations function: one that detects early, responds decisively, reduces systemic risk, and scales ahead of growth.

Our goal is to scale transaction volume with a security foundation that is stronger than the threats we face.

What You Will Actually Do & Own

In your first 6 to 12 months, you will:

Build and operationalize a fintech-grade SOC function
- Define monitoring strategy across cloud, infra, identity, endpoints, and transaction systems
- Establish detection coverage aligned to MITRE ATT&CK and fraud threat models

Own incident response end-to-end
- Lead containment, eradication, and recovery for security incidents
- Run post-incident reviews with clear root cause analysis and systemic fixes
- Minimize blast radius and reduce mean time to detect (MTTD) and mean time to respond (MTTR)

Design and mature detection engineering
- Define a high-signal alerting strategy (reduce noise, increase signal)
- Improve SIEM use cases, telemetry coverage, and correlation rules
- Build measurable detection coverage maps

Define security KPIs & KRIs
- Track detection coverage, false positive rate, and incident severity trends
- Establish executive dashboards with actionable metrics
- Quantify operational risk reduction

Embed SOC into engineering and product workflows
- Integrate security review into new feature launches
- Ensure logging, telemetry, and auditability are designed upfront
- Partner with backend, infra, and platform teams to close systemic gaps

Reduce systemic financial risk
- Align security monitoring with transaction flows, reconciliation pipelines, and money movement controls
- Detect abnormal patterns in account behavior, API misuse, and privilege escalation

Build and scale the SecOps team
- Hire, mentor, and level up analysts and detection engineers
- Define shift models (if required), escalation paths, and on-call processes
- Establish a culture of ownership and precision

Operationalize compliance through execution
- Ensure SOC processes support ISO 27001, PCI DSS, NIST, and regulatory requirements
- Produce defensible evidence for audits

What Success Looks Like

You will be measured on:

Reduced security risk exposure
- Fewer critical incidents, reduced dwell time, measurable control maturity

Operational excellence
- Clear runbooks, high-quality incident handling, low alert fatigue

Detection quality
- High signal-to-noise alerts, proactive threat hunting, coverage against key attack vectors

Executive trust
- Leadership has clear visibility into risk posture and remediation progress

Team quality
- Analysts are strong, accountable, and growing; the SOC becomes a force multiplier

Security embedded in product velocity
- Engineering moves fast without increasing risk

Requirements

Required (Non-negotiable)
- 8 to 12+ years in cybersecurity operations
- Proven experience building or maturing a SOC in a complex environment
- Deep experience in incident response and security investigations
- Hands-on experience with SIEM platforms and detection rule engineering
- Strong knowledge of cloud security (AWS/GCP/Azure), identity systems, and SaaS telemetry
- Experience defining KPIs, dashboards, and operational metrics
- Strong leadership and team management experience
- Ability to communicate risk clearly to executives and non-technical stakeholders

Strongly Preferred (Accelerates Ramp)
- Experience in fintech, payments, or high-transaction financial systems
- Knowledge of SOC 2, ISO 27001, NIST, CIS
- Experience with EDR, SOAR, DLP, CASB, MDM, and email security
- Familiarity with fraud detection models and transaction risk monitoring
- Experience in product security and CI/CD security
- CISSP, CISM, CISA, or equivalent certifications