Principal SecOps Engineer

2025-10-20
MoonPay
Hi, we’re MoonPay. We’re here to onboard the world to the decentralized economy.Why?Because crypto and blockchain aren’t just technologies—they’re tools for global financial empowerment. They give people control over their money, their digital assets, and their future, unlocking opportunities that traditional systems have kept out of reach.What we doAt MoonPay, we’re building the infrastructure that powers this new financial system. We make it easy for anyone, anywhere, to buy, sell, and trade crypto using everyday payment methods like cards, Apple Pay, PayPal, Revolut and Venmo. We provide simple tools to send, receive, and manage stablecoins, so anyone can participate in the crypto economy confidently.Trusted by nearly 30 million customers and over 500 companies, our secure, enterprise-grade platform is driving mainstream crypto adoption worldwide.We collaborate with innovative brands and projects to build secure, scalable solutions for a blockchain-powered future. And we’re committed to doing it right—fully licensed in the U.S. and regulated across the UK, EU, Canada, and Australia—because trust and compliance are non-negotiable.But we’re just getting started. We’ve launched a consumer app that makes crypto accessible, intuitive, and usable for everyone, and it’s growing fast. We’re iterating every day to make it the best it can be.If you believe financial freedom should be for everyone—if you believe in building a fairer, more open financial system—we want you with us. To build systems that benefit all, we need contributions from all, regardless of background.Come build the future of payments and the decentralized economy with MoonPay. Let’s make financial freedom and autonomy the new normal.🌍 Locations Supported South Korea 🌔 About the Opportunity  The Security Operations (SecOps) team at MoonPay is dedicated to ensuring the security and integrity of our systems and data in an increasingly complex digital landscape. Comprising a diverse group of professionals from various regions around the globe, our multicultural team brings together a wealth of expertise and perspectives to tackle security challenges effectively.Our mission is to identify and mitigate vulnerabilities and threats while maintaining strict compliance with security policies and relevant regulations. By leveraging advanced security measures and proactive threat detection techniques, we work diligently to safeguard our infrastructure and protect our customers’ information.In collaboration with the IT team and other departments, we foster a culture of security awareness, sharing best practices and ensuring that everyone at MoonPay understands their role in maintaining a secure environment. Our key responsibilities include incident response, security monitoring, endpoint security, VPN,  vulnerability management, and third-party risk management (TPRM), all of which contribute to our overarching goal: to create a secure environment for our employees, clients and partners.Join us in our commitment to security excellence and help us build a safer future in the blockchain and payments industry!🚀 What you will do As a Principal Security Operations Engineer at MoonPay, you will take on a multifaceted role focused on enhancing our security posture. This position will be an in-country Security lead for MoonPay, working directly with the MoonPay CISO to ensure that we are aligned with all regulations and compliance initiatives specific to this country. Additional responsibilities include:· Incident Response Leadership: Serve as the primary incident commander, overseeing the full lifecycle of security incidents — from detection and triage through containment, eradication, and recovery. Lead cross-functional response teams, perform root cause analyses, and implement long-term corrective actions to enhance organizational resilience.· SIEM/SOAR Platform Engineering: Architect, manage, and continually refine the Google SecOps platform to enable scalable, automated detection and response. Develop and maintain advanced detection logic (e.g., YARA rules), custom parsers, and data ingestion pipelines across diverse log sources. Continuously tune detections to reduce false positives and improve signal fidelity.· Platform Optimization: Provide ownership for the operational excellence of the company’s core security stack, including CrowdStrike, Google SecOps, Area1, Cloudflare WARP, and Code42. Drive platform integrations, optimize configurations, and ensure these technologies operate cohesively to defend against emerging threats and align with security strategy.· Security Awareness & Culture Enablement: Champion a culture of security across the organization by delivering engaging awareness programs, tabletop exercises, and executive briefings. Empower employees to recognize and respond to threats effectively, reinforcing security as a shared responsibility.· Vulnerability & Threat Management: Lead the identification, prioritization, and remediation of vulnerabilities across endpoints, cloud, and SaaS environments. Partner with engineering and IT teams to ensure timely patching, configuration hardening, and validation of remediation effectiveness.· Third-Party Risk Governance: Oversee the evaluation of vendor and partner security posture throughout the procurement lifecycle. Define and enforce third-party risk management standards, ensuring external entities meet the company’s security and compliance expectations.· Strategic Security Initiatives: Act as a key contributor and technical advisor in enterprise-level security projects. Provide expert input on the design and deployment of new tools, architectures, and workflows that enhance the organization’s detection and response capabilities.· Process Engineering & Documentation: Develop, maintain, and continuously improve operational documentation, including playbooks, runbooks, escalation paths, and policy frameworks. Ensure processes are standardized, auditable, and aligned with industry best practices and compliance requirements.In this role, you will contribute significantly to the security landscape of MoonPay, helping to protect our systems, data, and customers while promoting a culture of security awareness and best practices throughout the organization.💻 What you will be working on In this role, you will work closely with the Security Operations (SecOps) team to provide direction and insight into daily security operations, strengthen our security posture, and promote best practices across the company. You’ll define and implement  security controls using tools like Crowdstrike, Okta, and Google SecOps; manage endpoint and network security; develop SIEM/SOAR detections and dashboards; support the SOC team with investigations and incident response; handle DLP and vendor risk reviews; and continuously identify ways to improve our processes. This is a great opportunity to make a real impact while growing your skills in a dynamic, collaborative environment.🧑‍🚀 About You   Experiences: · Minimum of 5-7 years in security operations.· Focus on incident management, SIEM, DLP, threat intelligence, VPN, and email security.· Previous interaction with in country regulatorsSecurity Frameworks: · Experience with frameworks such as ISO 27001, SOC 2, and PCI-DSS.· Responsible for defining and implementing key security controls.Cybersecurity Principles· Strong understanding of cybersecurity principles and best practicesAnalytical Skills: · Excellent analytical and problem-solving abilities.Crisis Management: · Ability to work effectively under pressure.· Capable of handling multiple incidents simultaneously. Communication: · Strong communication and interpersonal skills to collaborate with various teams· Multi-lingual is required for speaking with regulators in country as well as collaborating with the internal teamBonus QualificationsCertifications: · CISSP, CISM, or equivalent certifications are a plus.Technical ProficiencyProven experience with tools such as:· Google SecOps· Crowdstrike· Cloudflare· Code42· ZeroFox· Okta·  Google Workspace· JiraYou are passionate about cybersecurity and eager to contribute to the growth and resilience of MoonPay's Security Operations Team.\n\nWe’re looking for people who live our core values, those who strive for excellence and want to leave a lasting legacy  on the global financial system. Our values:B - Be HungryL - Level UpO - Own ItC - Crypto CuriousK - KaizenWhat’s in it for you💰Competitive salary package 🤝 Equity package: We believe financial freedom starts with our employees, so all employees have ownership at MoonPay📈 Pay for performance equity bonus: Those who drive outsized outcomes receive outsized rewards 🏝 Generous holidays: We give you the autonomy to choose when to work (and when to switch off)🌍 Hybrid working schedule: Work fully remotely or your nearest Moonbase, the choice is yours ✈️ Regular remote company offsites: Meet your colleagues regularly for high impact in person sessions and hackathons 🚀 Working in a disruptive and fast-growing company where excellence is rewarded What’s it like to work at MoonPay? At MoonPay, you’ll work alongside driven, resourceful people who are passionate about excellence in everything they do. Kaizen is more than just a saying here, it’s a mindset. We encourage you to think big, take risks, and push the boundaries of what’s possible, knowing you have the support of a team that wants to see you grow. We’re listed in the Sunday Times best places to work guide and consistently strive to provide an environment where everyone feels they can their best work.Whether you’re remote or collaborating with teammates around the world, you’ll find opportunities here to do the best work of your career while shaping the future of the decentralized economy.Commitment To DiversityResearch has shown that women are less likely than men to apply for this role if they do not have experience in 100% of these areas. Please know that this list is indicative, and that we would still love to hear from you even if you feel that you are only a 75% match. Skills can be learnt, diversity cannot.Please let us know if you require any accommodations for the interview process, and we’ll do our best to provide assistance. At MoonPay we believe that every voice matters. We strive to create a mindful and respectful environment where everyone can bring their authentic self to work, and experience a culture that is free of harassment, racism, and discrimination. That’s why we are committed to diversity and inclusion in the workplace and are a proud equal opportunity employer. We prohibit discrimination and harassment of any kind based on race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, protected veteran status or any other characteristic protected by law. This policy applies to all employment practices within our organization, including, but not limited to, hiring, recruiting, promotion, termination, layoff, and leave of absence.MoonPay is also committed to providing reasonable accommodations in our job application procedures for qualified individuals with disabilities. Please inform our Talent Team if you need any assistance completing any forms or to otherwise participate in the application process.Please be aware that MoonPay does not request an AI-led interview without seeing a recruiter or team member from MoonPay on video call. We won't ask for your personal identification documents or any money from you during your interview process with us. Be fraud smart! If you receive an email - claiming to be from MoonPay - but from an email address ending in anything other than @moonpay.com, please be aware that this is not us.Please mention the word **EFFUSIVENESS** and tag RMTQyLjEzMi4yMTcuMjMw when applying to show you read the job post completely (#RMTQyLjEzMi4yMTcuMjMw). This is a beta feature to avoid spam applicants. Companies can search these words to find applicants that read this and see they're human.