SecOps Engineer

Mumbai, Maharashtra, India | Technology | Full-time | Fully remote

About the Tech Team

The engineering team at Drip Capital is responsible for building and maintaining the online global trade financing platform that supports the interactions between buyers, sellers, financing partners, insurance agents, global retail partners, trade agents, shipping & transportation companies, supply chain and warehousing companies worldwide.

Our primary goal is to ensure that customers are provided time-critical capital and at the same time balance requirements related to risk, fraud management, and compliance. The services are accessed by customers worldwide and hence the engineering systems need to be policy-driven, easily reconfigurable, and able to handle multiple regional languages. We use machine learning for risk classifications/predictions, intelligent document parsing subsystems, robotic process automation, REST APIs to connect our microservices, and a cloud-based data lake and warehouse for data storage and analysis.

Our team comprises talent from top-tier institutions including Wharton, Stanford, and IITs with years of experience at companies like Google, Amazon, Standard Chartered, Blackrock, and Yahoo. We are backed by leading Silicon Valley investors - Sequoia, Wing, Accel, and Y Combinator. We are a global company headquartered in Silicon Valley along with offices in India and Mexico.

Responsibilities:

  • Actively monitor security threats and risks involving customer infrastructure.
  • Research and publish security advisories on emerging threats in the FinTech space.
  • Triage security alerts and incidents, and provide high-level recommendations and mitigations to the IT / IS teams.
  • Detect the TTPs of emerging threats at the application, network, and infrastructure layers.
  • Set up monitoring systems to detect APTs (Advanced Persistent Threats).
  • Automate Root Cause Analysis (RCA) of security incidents, malware analysis, etc.
  • Create and update WAF, IDS/IPS, and network firewall rules and signatures to capture IoCs.
  • Own the security posture of the cloud infrastructure (AWS).
  • Architect and implement SOAR (Security Orchestration, Automation and Response) workflows in the cloud.
  • Develop log correlation patterns with SIEM and non-SIEM observability platforms such as New Relic.
  • Publish weekly and monthly threat detection and intrusion reports.
  • Manage L1 monitoring and handle end-to-end incident management.
  • Evaluate the threat detection capabilities of EDR and Cloud Workload Protection solutions.

Requirements:

  • Hands-on experience in threat intelligence, vulnerability management, and IPS / IDS.
  • Prior experience setting up monitoring systems and incident management processes in the cloud.
  • Hands-on experience automating advanced threat hunting and custom detection/block rules.
  • Ability to work with the global SOC team to ensure a 24/7 security posture.
  • Preferred certifications: CySA+, SC-200, or any relevant SOC certification.
  • Experience as part of a blue team.
  • Ability to read and understand IaC (Terraform, Pulumi, etc.) and identify risks in it.
  • Working knowledge of a scripting language; Python or Go preferred.

If you love to explore the security aspects of a distributed system that makes decisions related to global trade finance, let's talk!