Security Operations Center (SOC) Engineer

About Us

OpenFX is on a mission to move money as freely as data, unrestricted by time zones, banking hours, or legacy systems. We are building the infrastructure that will power the next generation of cross-border payment systems for institutions. The team's execution has been exceptional, and we're scaling at a remarkable pace. Our stellar early team comes with experience in companies like J.P. Morgan, Goldman Sachs, FalconX, Paypal, Affirm, Polygon, Kraken, Nium & others. We're backed by Accel, Faction, NfX, Accomplice, and other top-tier investors.

Role Overview

OpenFX processes billions of dollars in transaction volume every month across global corridors, connecting banks, liquidity providers, and third-party systems in real time. As transaction volume and geographic footprint scale, so does our threat surface. We need a SOC Engineer who can build and own a high-performance security operations function—one that detects early, responds decisively, reduces systemic risk, and scales ahead of growth. In fintech, a delayed alert is money lost and a missed signal is reputational damage. Security must be operational, measurable, and deeply integrated into how we ship and scale.

Key Responsibilities

• Build and operationalize a fintech-grade SOC function with monitoring across cloud, infrastructure, identity, endpoints, and transaction systems


• Establish detection coverage aligned to MITRE ATT&CK and fraud threat models


• Lead incident response end-to-end: containment, eradication, recovery, and post-incident reviews with clear root cause analysis


• Minimize blast radius and reduce mean time to detect (MTTD) and respond (MTTR)


• Design high-signal alerting strategy to reduce noise and improve SIEM use cases, telemetry coverage, and correlation rules


• Define and track security KPIs and KRIs including detection coverage, false positive rate, and incident severity trends


• Integrate security review into new feature launches and ensure logging, telemetry, and auditability are designed upfront


• Align security monitoring with transaction flows, reconciliation pipelines, and money movement controls


• Detect abnormal patterns in account behavior, API misuse, and privilege escalation


• Hire, mentor, and level up analysts and detection engineers; define escalation paths and on-call processes


• Ensure SOC processes support ISO 27001, PCI DSS, NIST, and regulatory requirements with defensible evidence for audits

What We're Looking For

Required

• 8 to 12+ years in cybersecurity operations


• Proven experience building or maturing a SOC in a complex environment


• Deep experience in incident response and security investigations


• Hands-on experience with SIEM platforms and detection rule engineering


• Strong knowledge of cloud security (AWS/GCP/Azure), identity systems, and SaaS telemetry


• Experience defining KPIs, dashboards, and operational metrics


• Strong leadership and team management experience


• Ability to communicate risk clearly to executives and non-technical stakeholders

Preferred

• Experience in fintech, payments, or high-transaction financial systems


• Knowledge of SOC 2, ISO 27001, NIST, CIS


• Experience with EDR, SOAR, DLP, CASB, MDM, Email Security


• Familiarity with fraud detection models and transaction risk monitoring


• Experience in Product Security and CI/CD Security


• CISSP, CISM, CISA, or equivalent certifications

What We Offer

• Competitive salary and benefits package.


• Equity in a rapidly growing company.


• Opportunity to work in a fast-paced startup at the forefront of fintech innovation.


• Opportunity to make a significant impact on global financial infrastructure.


• Collaborative work culture with emphasis on personal and professional growth.

We are committed to building a diverse and inclusive workplace. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status.