Job Description: SecOps EngineerOverviewWe are seeking a Security Operations (SecOps) Engineer to join our team and strengthen our security posture across infrastructure, applications, and processes.
The ideal candidate will be hands-on in securing systems, monitoring threats, and responding to incidents, while also bringing strong experience in PCI DSS compliance and audits.
This role sits at the intersection of operations, security, and compliance, ensuring that our environments remain both secure and compliant with industry standards.Key ResponsibilitiesDesign, implement, and maintain security controls across infrastructure and applications.Monitor, detect, and respond to security incidents, escalating where necessary.Manage and optimize SIEM, IDS/IPS, vulnerability management, and endpoint security tools.Partner with DevOps and IT teams to embed Infrastructure as Code Security into CI/CD pipelines and cloud deployments.Lead and support PCI DSS compliance initiatives, including:Preparing for audits, ensuring controls are in place and effective.Gathering evidence, coordinating with auditors, and remediating findings.Maintaining continuous compliance and tracking remediation activities.Conduct regular security risk assessments, penetration testing coordination, and vulnerability scanning.Develop and maintain a strong security posture, responding to RFI / RFPs regarding our policies and standards.Stay up to date on emerging threats, vulnerabilities, and compliance requirements.RequirementsProven experience in a Security Operations Engineer / SecOps / Security Engineer role and knowledge of industry standards such as OWASPStrong technical knowledge across cloud (especially AWS), Linux/Windows systems, and networking.Hands-on experience with security tools (e.g., SIEM, IDS/IPS, vulnerability scanners, endpoint protection).
Demonstrated experience with PCI DSS compliance and audit processes (preparation, remediation, evidence collection, audit liaison).
Strong incident response, troubleshooting, and problem-solving skills.Excellent communication skills, with the ability to work cross-functionally and liaise with auditors, stakeholders, and leadership.Nice-to-HaveFamiliarity with other frameworks such as ISO 27001, SOC 2, or NIST.Security certifications such as CISSP, CISM, CISA, CEH, or PCI Professional (PCIP).
Scripting/automation skills (Python, Bash, PowerShell, or similar)Knowledge of zero-trust architectures and advanced threat detection strategies.What We OfferOpportunity to shape and mature a growing security function.Exposure to both hands-on technical security operations and strategic compliance initiatives.Competitive compensation, benefits, and professional development support.A collaborative culture where security is a top priority.Key Relationships CustomerProvide standards to customer security teams and address any existing or potential customer inquiries.
Cloud EngineeringAddress security concerns with existing and new hosting infrastructure design.
This team also provides resourcing for PCI initiatives.Development TeamsEnsure that potential vulnerabilities found are raised to the product development teams as necessary.