Security and Threat Operations Engineer at Jobgether – United States

This position is posted by Jobgether on behalf of a partner company. We are currently looking for a Security and Threat Operations Engineer in the United States.

This role sits at the core of a fast-moving fintech security organization, focused on protecting large-scale consumer financial products and infrastructure. You will transform production telemetry into actionable detections, investigations, and automated responses that help prevent fraud, abuse, and malicious activity across cloud, application, and identity systems. Working closely with Product Security, Platform Security, and Engineering teams, you will play a key role in identifying threats early and strengthening system resilience. The environment is highly dynamic, requiring strong technical depth, quick decision-making, and the ability to operate at speed without compromising rigor. You will also contribute to vulnerability management, detection engineering, and incident response operations across a modern cloud-native stack. This role is ideal for a hands-on security engineer who thrives at the intersection of detection, automation, and real-time threat response.

• Build, tune, and maintain security detections, alerts, and monitoring workflows across cloud, application, API, identity, and edge environments.
• Investigate suspicious activity across web traffic, authentication flows, and infrastructure telemetry to identify abuse, fraud, and adversarial behavior.
• Develop Python-based automation and tooling to enhance threat detection, investigation, enrichment, and incident response efficiency.
• Operate and improve vulnerability management processes, including triage, prioritization, tracking, and remediation coordination.
• Partner with Product Security and Engineering teams to translate threat models and risk insights into actionable detection and response strategies.
• Conduct end-to-end security investigations, including triage, scoping, containment support, and remediation follow-through.
• Support detection engineering efforts using SIEM and observability platforms such as Datadog, CloudWatch, or similar tools.
• Participate in proactive threat hunting activities and contribute to a 24/7 on-call incident response rotation.
• Help define and enforce secure operational practices aligned with PCI, SOC 2, and internal security standards.

• 5+ years of experience in security operations, detection engineering, incident response, or threat detection in cloud-native environments.
• Strong experience analyzing web, API, authentication, and infrastructure telemetry to detect malicious or anomalous behavior.
• Proven ability to identify fraud, abuse patterns, credential attacks, reconnaissance, and exploitation attempts.
• Strong Python programming skills for building automation, security tooling, and data enrichment workflows.
• Experience designing, tuning, and operating detections within SIEM or security monitoring platforms.
• Hands-on experience with vulnerability management programs, including triage and remediation tracking.
• Familiarity with cloud security platforms and tools such as Wiz, including vulnerability and runtime risk analysis.
• Experience working with at least one major cloud provider, preferably AWS.
• Strong understanding of identity systems, authentication flows, and API security in modern distributed systems.
• Solid grasp of threat modeling, risk prioritization, and security controls across cloud and application environments.
• Practical experience using AI tools in security workflows, with awareness of associated risks such as data leakage or prompt injection.
• Strong communication, collaboration, and analytical skills in fast-paced, cross-functional environments.

• Competitive base salary with equity/stock option opportunities.
• Comprehensive health, dental, and vision insurance starting from day one.
• 401(k) retirement plan with company matching contributions.
• Remote-friendly work environment within the United States.
• Flexible time off and paid parental and caregiver leave policies.
• High-impact role in a fast-growing, mission-driven fintech organization.
• Exposure to modern cloud-native security technologies and large-scale production systems.
• Collaborative culture emphasizing speed, ownership, and innovation.