MoonPay

Security Engineer – SIEM Platform (Google SecOps)

MoonPay • US
Python Hybrid
Hi, we’re MoonPay. We’re here to onboard the world to the decentralized economy.

Why?
Because crypto and blockchain aren’t just technologies—they’re tools for global financial empowerment. They give people control over their money, their digital assets, and their future, unlocking opportunities that traditional systems have kept out of reach.

What we do
At MoonPay, we’re building the infrastructure that powers this new financial system. We make it easy for anyone, anywhere, to buy, sell, and trade crypto using everyday payment methods like cards, Apple Pay, PayPal, Revolut and Venmo. We provide simple tools to send, receive, and manage stablecoins, so anyone can participate in the crypto economy confidently.

Trusted by nearly 30 million customers and over 500 companies, our secure, enterprise-grade platform is driving mainstream crypto adoption worldwide.

We collaborate with innovative brands and projects to build secure, scalable solutions for a blockchain-powered future. And we’re committed to doing it right—fully licensed in the U.S. and regulated across the UK, EU, Canada, and Australia—because trust and compliance are non-negotiable.

But we’re just getting started. We’ve launched a consumer app that makes crypto accessible, intuitive, and usable for everyone, and it’s growing fast. We’re iterating every day to make it the best it can be.

If you believe financial freedom should be for everyone—if you believe in building a fairer, more open financial system—we want you with us. To build systems that benefit all, we need contributions from all, regardless of background.

Come build the future of payments and the decentralized economy with MoonPay. Let’s make financial freedom and autonomy the new normal.

Locations Supported 🌍

US, New York
Relocation available: No
Work pattern: This role will be hybrid (we expect you in our New York office ~2–3 days per week).

About the Opportunity

The Security Operations (SecOps) team at MoonPay is dedicated to ensuring the security and integrity of our systems and data in an increasingly complex digital landscape. Comprising a diverse group of professionals from various regions around the globe, our multicultural team brings together a wealth of expertise and perspectives to tackle security challenges effectively. 

Our mission is to identify and mitigate vulnerabilities and threats while maintaining strict compliance with security policies and relevant regulations. By leveraging advanced security measures and proactive threat detection techniques, we work diligently to safeguard our infrastructure and protect our customers’ information. 

In collaboration with the IT team and other departments, we foster a culture of security awareness, sharing best practices and ensuring that everyone at MoonPay understands their role in maintaining a secure environment. 

Our key responsibilities include incident response, security monitoring, endpoint security, VPN, vulnerability management, and third-party risk management (TPRM), all of which contribute to our overarching goal: to create a secure environment for our employees, clients and partners.

Join us in our commitment to security excellence and help us build a safer future in the blockchain and payments industry!

What You Will Do

As a Security Engineer, SIEM Platform, you will lead the design, implementation, and continuous improvement of our Google SecOps (Chronicle) platform in a demanding and fast-paced environment. 

You will work closely with project managers, security engineers, and key stakeholders to deliver scalable SIEM/SOAR capabilities—while also serving as an L2 Incident Responder, leading investigations end-to-end and enabling the SOC Team through runbooks and operational guidance. 

This role blends platform engineering (integration, automation, performance, detection content) with hands-on security operations (triage, investigation, response leadership).

Design and Implementation of Google SecOps

  • Integrate the Google SecOps SIEM with other security capabilities and tools such as SOAR, EDR, NDR, the threat intelligence platform, and ticketing systems.
  • Write custom actions, scripts and/or integrations to extend SIEM platform functionality.
  • Create SIEM assets such as YARA-L detection rules, dashboards and parsers.
  • Extend pre-built parsers (UDM mappings) in Google SecOps and create custom parsers where a log source requires one.
  • Test and deploy newly created and migrated assets such as rules, playbooks, alerts and dashboards.
  • Monitor performance and take timely action to scale the SIEM deployment.
  • Create custom SIEM dashboards to meet security requirements.
  • Debug and resolve customer-reported issues in data ingestion, parsing and normalization.
  • Develop SOAR playbooks for case handling and incident response according to triage needs.
  • Design and implement solutions to reduce alert fatigue from SIEM correlation.

L2 Incident Response (Operational Role)

  • Actively participate in Security Operations activities as an L2 Incident Responder.
  • Lead incidents through all stages: identification, containment, eradication, recovery, and lessons learned. 
  • Serve as the primary point of contact for the SOC regarding SIEM investigations, platform behavior, detection logic, and operational troubleshooting.
  • Support continuous improvement by translating incident learnings into better detections, dashboards, and playbooks.

About You (Must-have experience and skills)

  • Experience
  • Minimum of 2–3 years in cybersecurity, ideally in security operations or a security operations center (SOC).
  • Expertise in incident management, SIEM, DLP, threat intelligence, VPN, and email security.
  • Technical Proficiency
  • At least 1 year of hands-on Google SecOps SIEM experience across the areas of responsibility listed above.
  • Experience building detection content (rule logic, correlation, tuning); YARA-L experience preferred. 
  • Experience integrating security tools via APIs and automation (EDR, NDR, ticketing). 
  • Scripting ability (e.g., Python, Bash) for automation and troubleshooting.
  • Cybersecurity Principles
  • Strong understanding of cybersecurity principles and best practices.
  • Strong knowledge of network, endpoint, identity, and cloud security fundamentals.
  • Analytical Skills
  • Excellent analytical and problem-solving abilities.
  • Crisis Management
  • Ability to work effectively under pressure.
  • Capable of handling multiple incidents simultaneously.
  • Communication
  • Strong communication and interpersonal skills to collaborate with various teams.

You’re a Security Engineer who can both build and operate at scale. You have strong expertise in Google SecOps and are equally comfortable leading incident response. You will work primarily on the following stack: Apple systems, Google SecOps, Okta, Google Workspace, Slack, Code42, CrowdStrike, Cloudflare WARP, Tenable Nessus and Jamf Pro.

About You (Nice-to-have experience)

  • Education
  • Bachelor's degree in Computer Science, Information Security, or a related field. Equivalent work experience will be considered.
  • Security Frameworks
  • Experience with frameworks such as ISO 27001, SOC 2, and PCI DSS, including defining and implementing key security controls.
  • Incident Response
  • Practical incident response experience including triage, investigation, containment, and communications.
  • Vulnerability Management
  • Identifying, prioritizing, and automating remediation of security vulnerabilities.

Bonus Points

  • Certifications
  • CISSP, CISM, or equivalent certifications are a plus.
  • Google Cloud Certified Professional Security Operations Engineer.
  • Technical Proficiency
  • Proven experience with tools such as:
      • Google Cloud Platform
      • Okta
      • CrowdStrike
      • Cloudflare Zero Trust
      • Tenable Nessus
      • ZeroFox
      • Code42