Remote Lead Security Operations Engineer

Description:

• mx51 is a payments-as-a-service solution for banks, non-bank acquirers, and other merchant service providers, building a payment platform for merchants to accept payments in-store, in-app, and online.
• The Lead Security Operations Engineer will lead the design, implementation, and continuous improvement of security operations, focusing on detection and response capabilities.
• The role aims to reduce the likelihood of security incidents, contribute to compliance initiatives, and help mx51 build and maintain trust with customers and partners.
• Responsibilities include security monitoring across public cloud environments (AWS and Azure), end-user devices, and SaaS from third-party providers.
• The position provides access to best-in-class security software including EDR, CSPM, CNAPP, SIEM, DLP, and IDAM.
• Collaboration with engineering peers and cross-functional stakeholders is essential to achieve security outcomes without hindering the speed and agility of the fintech scaleup.
• The Lead Security Operations Engineer will act as the Subject Matter Expert (SME) for security operations across mx51’s entire operating environment.
• The role involves designing and documenting security operations strategy and procedures, building integrations and workflows for security information and event ingestion, and proactively hunting for threats.
• The engineer will develop advanced threat detection rules and analytics using SIEM and other tools, automate checks for security controls, and contribute to security incident response efforts.

Requirements:

• Candidates should have extensive experience (5+ years) in security operations, focusing on detection and response, with hands-on experience in designing and implementing end-to-end security controls.
• Strong knowledge of security principles, attack vectors, and frameworks like MITRE ATT&CK is required.
• Proficiency with public cloud platforms (AWS and Azure) is necessary; familiarity with containers and Kubernetes is a bonus.
• Experience using SIEM tools (e.g., Splunk) for real-time security monitoring and analysis is essential.
• Scripting skills (e.g., Python) for automation and analysis are required.
• Relevant certifications (e.g., SANS, AWS, Azure, CISSP) are advantageous but not mandatory.
• Candidates who are passionate about security but do not meet every requirement are encouraged to apply, as well as seasoned DevOps or cloud infrastructure engineers looking to transition into a full-time security role.

Benefits:

• Employees can work from overseas for up to 4 weeks per year.
• The company offers flexible work practices and tools to help set up remote workstations.
• Access to co-working facilities across three states is provided.
• An annual team offsite and social events run by a social committee are included.
• Employees can swap a public holiday for an alternative day off.
• Paid leave for volunteering is offered.
• An Employee Share Option Plan is available, subject to invitation.
• Paid parental leave for primary and secondary carers is provided.
• Novated lease and salary sacrifice options are available.