Operational Security Engineer

ABOUT THE ROLE

We are looking for an Operational Security Engineer to join our global FinTech organization and help strengthen the security of our people, devices, identities, and business operations.

This role focuses on building and operating practical security controls across the company’s internal environment. You will help secure enterprise platforms, strengthen identity and endpoint posture, assess risks introduced by third-party tools and emerging technologies, support incident response, and improve operational resilience across the organization.

We are looking for someone who is hands-on, analytical, and operationally minded, with strong cybersecurity experience and the ability to think like an adversary. The ideal candidate understands how modern threat actors operate, can apply threat-informed thinking to real-world business environments, and is comfortable working across identity, SaaS, endpoint, and user security.

You will collaborate closely with internal teams such as Productivity & AI Engineering, Cloud Security, and Application Security whenever work spans multiple security domains.

KEY RESPONSIBILITIES

• Operate and continuously improve the security enterprise platforms through effective controls, detections, monitoring, and incident response.
• Configure and manage IAM, access controls, and contextual access policies in line with least-privilege principles and secure access standards.
• Manage and maintain the company’s MDM/EDR capabilities, ensuring endpoint visibility, policy coverage, timely updates, and organization-wide adoption.
• Review new tools, workflows, and third-party integrations, including SaaS, AI tools, MCPs, and plugins—and provide practical security guidance to reduce operational risk while enabling the business.
• Drive and improve the company’s security awareness program, helping users operate safely through practical guidance and support.
• Monitor emerging attacks, vulnerabilities, and threat actor tradecraft, and turn that knowledge into practical defensive improvements across the company.
• Apply adversarial thinking and practical threat modeling to identify realistic attack paths and improve operational resilience across user workflows, enterprise tooling, and internal systems.
• Help define and improve security policies, standards, best practices, and configuration baselines for internal systems and business tooling.

WHAT YOU BRING

• Fluency in English.
• Strong hands-on experience securing and operating enterprise SaaS and cloud platforms.
• Experience with identity and access management, contextual access controls, and secure administration of business-critical systems.
• Experience operating MDM/EDR and other endpoint security controls.
• Experience responding to security incidents, compromises, and breaches.
• Advanced cybersecurity experience, including exposure to sophisticated threat actors, knowledge of modern attacker tradecraft, and the ability to apply an adversarial mindset to defensive work.
• Experience conducting practical threat modeling with real operational impact.
• Experience assessing the security of third-party tools, integrations, and emerging technologies introduced into the business.
• Ability to perform open-source threat intelligence activities relevant to current threats and company exposure.
• Strong communication and cross-functional collaboration skills.
• Experience working in Agile environments.

Nice to have

• Experience in FinTech