Security Operations Engineer

Job not on LinkedIn

🔥 0 minutes ago

Apply Now

Find Similar Remote Jobs

Receive Emails For Remote Jobs

📊 Check your resume score for this job

Improve your chances of getting an interview by checking your resume score before you apply.

Upload Resume

Yellow Card App

WebsiteLinkedInAll Job Openings

51 - 200 employees

💳 Fintech

💸 Finance

💰 $40M Series B on 2022-09

Fintech • Payments • Finance

Yellow Card App is a pan-African fintech company operating in 20 countries. It is the largest and first licensed Stablecoin on-ramp/off-ramp on the African continent, offering secure and cost-effective solutions for businesses to buy and sell Stablecoins like USDT, USDC, and PYUSD using local currency. The platform facilitates borderless transactions and business payments through their Payments API and Widget, targeting businesses of all sizes. Yellow Card ensures secure and seamless financial operations across Africa with an emphasis on digital assets and mobile money integration.

📋 Description

• The engineer owns the full lifecycle of security detection and response inside the SOC, from signal design through to automated containment. • Design and maintain SIEM detection rules covering cloud, container, identity, and application layers, using both signature-based and behavioural logic. • Daily SIEM alert triage following defined response timing standard. • Classify, investigate, and resolve security signals; Reduce false-positive rates through structured tuning cycles, with documented rationale for rule changes. • Build and maintain SOAR playbooks for common alert types including IAM anomalies, misconfiguration alerts, exposed secrets, and container runtime events. • Own the end-to-end vulnerability triage process for cloud and container environments, prioritising findings by business impact using CVSS scoring, asset criticality, and exploitability context. • Review and approve IAM policy changes, enforcing least-privilege and flagging over-permissioned roles or service accounts. • Execute scheduled IAM hygiene reviews: unused credentials, stale access keys, overly broad policies, and cross-account trust boundaries.

🎯 Requirements

• 3 to 5 years of experience in security operations, cloud security, or infrastructure security engineering. • Hands-on AWS security experience: IAM policy design, virtual network architecture, cloud-native security services, CloudTrail, GuardDuty. • Kubernetes and EKS security experience: pod security standards, network policy enforcement, workload identity, image scanning. • SIEM operations: alert triage, detection rule authoring (signature-based and behavioural), log analysis and correlation. • Vulnerability management: CSPM tooling, risk-based prioritisation, CVSS scoring, SLA framework operation. • IaC security: ability to read and review Terraform or CloudFormation for misconfigurations. • Incident response: investigation, containment, and post-incident reporting. • Experience in a regulated environment (FinTech, payments, banking, or crypto preferred). • Ability to author and tune detection rules without relying on vendor-supplied defaults. • Structured written communication for triage reports, post-incident write-ups, and stakeholder metrics. • Ability to coordinate remediation across engineering teams without direct authority. • Comfort operating in a lean team where domain boundaries are broader than in large enterprise security functions.

🏖️ Benefits

• Remote-First Flexibility: We embrace a fully remote work environment. • Learning & Development: Access to resources, support, and autonomy to grow professionally. • Mental Health Support Services: Your mental well-being matters to us. • Competitive compensation and meaningful health coverage. • All full-time employees are participants in our stock option plan.