Lead Security Operations Engineer

Job Description

We’re a bank grade scale-up which means we take security seriously and are able to get stuff done. We’re looking for a Lead Security Operations Engineer to join us and do exactly that - taking our cyber security operations to the next level! About the role: In this pivotal position, you’ll lead the design, implementation, and continuous improvement of our security operations, with a focus on detection and response capabilities. You’ll reduce the likelihood of security incidents, contribute to compliance initiatives, and help mx51 build and maintain trust with customers and partners. Your remit will cover security monitoring across public cloud environments (AWS and Azure), end-user devices and SaaS from third-party providers. To succeed, you’ll have access to the resources you need including best-in class security software across Endpoint Detection Response (EDR), Cloud Security Posture Management (CSPM), Cloud-Native Application Protection Platform (CNAPP), Security Information & Event Management (SIEM), Data Loss Prevention (DLP) and Identity & Access Management (IDAM). Collaboration is key - we’re seeking someone who can liaise effectively with engineering peers and cross-functional stakeholders to achieve security outcomes without impeding the speed and agility of our fintech scaleup. A bit more of the details: Act as the Subject Matter Expert (SME) for security operations across mx51’s entire operating environment. Help design and document security operations strategy and procedures, emphasising effective prevention, detection and response capabilities. Build integrations and workflows for security information and event ingestion, analysis, triage, notifications, and reporting. Proactively hunt for threats and address security deficiencies in systems and infrastructure. Develop advanced threat detection rules and analytics using SIEM and other tools. Automate checks to ensure that security controls function as expected. Contribute to security incident response efforts including investigation, containment, eradication and recovery. During your first 6 months you can expect to: Collaborate with security peers to help develop a comprehensive security operations strategy. Enhance mx51’s detection and response capabilities by uplifting SIEM and automating workflows. Act as SME to support security incident response. What we'd love to see in an applicant (but don't be put off if you don't have everything): Extensive experience (5+ years) in security operations, focusing on detection and response, with hands-on experience designing and implementing end-to-end security controls. Strong knowledge of security principles, attack vectors and frameworks like MITRE ATT&CK. Proficiency with public cloud platforms (AWS and Azure); familiarity with containers and Kubernetes is a bonus. Experience using SIEM tools (e.g. Splunk) for real-time security monitoring and analysis. Scripting skills (e.g. Python) for automation and analysis. Relevant certifications (e.g. SANS, AWS, Azure, CISSP) are advantageous but not mandatory. If you don’t meet every requirement but are passionate about security, we’d still love to hear from you! We also welcome applications from seasoned DevOps or cloud infrastructure engineers who’ve had a security ‘adjacent’ career and are looking to transition into a full-time security role. #J-18808-Ljbffr