Join our constellation

M13 and our portfolio of tech startups are building the future. Join us in this purposeful work.
companies
Jobs
Search 
jobs
Explore 
companies
Join talent network
Talent
My job alerts

Security Operations Center(SOC) Engineer

Openfx

Openfx

Operations
Bengaluru, Karnataka, India · Remote
Posted on Mar 13, 2026

Job Description

The Problem

OpenFX processes billions of dollars in transaction volume every month across global corridors. Our backend systems power pricing, routing, settlement, reconciliation, compliance, and risk. These systems sit directly on the money path, where correctness, reliability, and latency are non negotiable. Our systems connect banks, liquidity providers, third party systems, internal applications, identity systems, and cloud infrastructure - all operating in real time.

As transaction volume and geographic footprint scale, so does our threat surface.

We face:

  • Sophisticated financial fraud attempts
  • Account takeovers and identity abuse
  • Insider risk
  • Infrastructure exploitation
  • Third-party integration risk
  • Regulatory and compliance obligations

In fintech, a delayed alert is money lost. A missed signal is reputational damage. A weak process is regulatory exposure.

Security cannot be reactive or checkbox-driven. It must be operational, measurable, 24/7 capable, and deeply integrated into how we ship and scale.

We need a SOC Lead who can build and own a high-performance security operations function - one that detects early, responds decisively, reduces systemic risk, and scales ahead of growth.

Our goal is to scale transaction volume with a security foundation that is stronger than the threats we face.

What You Will Actually Do & Own

In your first 6 to 12 months, you will:

  1. Build and operationalize a fintech-grade SOC function
    • Define monitoring strategy across cloud, infra, identity, endpoints, and transaction systems
    • Establish detection coverage aligned to MITRE ATT&CK and fraud threat models
  2. Own incident response end-to-end
    • Lead containment, eradication, and recovery for security incidents
    • Run post-incident reviews with clear root cause analysis and systemic fixes
    • Minimize blast radius and reduce time to detect (MTTD) and respond (MTTR)
  3. Design and mature detection engineering
    • Define high-signal alerting strategy (reduce noise, increase signal)
    • Improve SIEM use cases, telemetry coverage, correlation rules
    • Build measurable detection coverage maps
  4. Define security KPIs & KRIs
    • Track detection coverage, false positive rate, incident severity trends
    • Establish executive dashboards with actionable metrics
    • Quantify operational risk reduction
  5. Embed SOC into engineering and product workflows
    • Integrate security review into new feature launches
    • Ensure logging, telemetry, and auditability are designed upfront
    • Partner with backend, infra, and platform teams to close systemic gaps
  6. Reduce systemic financial risk
    • Align security monitoring with transaction flows, reconciliation pipelines, and money movement controls
    • Detect abnormal patterns in account behavior, API misuse, and privilege escalation
  7. Build and scale the SecOps team
    • Hire, mentor, and level up analysts and detection engineers
    • Define shift models (if required), escalation paths, and on-call processes
    • Establish a culture of ownership and precision
  8. Operationalize compliance through execution
    • Ensure SOC processes support ISO 27001, PCI DSS, NIST, and regulatory requirements
    • Produce defensible evidence for audits

What Success Looks Like

You will be measured on:

  • Reduced security risk exposure

    Fewer critical incidents, reduced dwell time, measurable control maturity

  • Operational excellence

    Clear runbooks, high-quality incident handling, low alert fatigue

  • Detection quality

    High signal-to-noise alerts, proactive threat hunting, coverage against key attack vectors

  • Executive trust

    Leadership has clear visibility into risk posture and remediation progress

  • Team quality

    Analysts are strong, accountable, and growing; the SOC becomes a force multiplier

  • Security embedded in product velocity

    Engineering moves fast without increasing risk

Requirements

Required (Non-negotiable)

  • 8 to 12+ years in cybersecurity operations
  • Proven experience building or maturing a SOC in a complex environment
  • Deep experience in incident response and security investigations
  • Hands-on experience with SIEM platforms and detection rule engineering
  • Strong knowledge of cloud security (AWS/GCP/Azure), identity systems, and SaaS telemetry
  • Experience defining KPIs, dashboards, and operational metrics
  • Strong leadership and team management experience
  • Ability to communicate risk clearly to executives and non-technical stakeholders

Strongly Preferred (Accelerates Ramp)

  • Experience in fintech, payments, or high-transaction financial systems
  • Knowledge of SOC 2, ISO 27001, NIST, CIS
  • Experience with EDR, SOAR, DLP, CASB, MDM, Email Security
  • Familiarity with fraud detection models and transaction risk monitoring
  • Experience in Product Security and CI / CD Security
  • CISSP, CISM, CISA, or equivalent certifications
See more open positions at Openfx
Privacy policyCookie policy