Senior Security Operations Engineer - Remote

About the Role

We are seeking a Senior Security Operations Engineer to join our team at Bitso, where you will play a pivotal role in enhancing our security posture. This Senior Security Operations Engineer remote position allows you to work from anywhere while contributing to our mission of making crypto useful for everyone.

What You'll Do

• Own and operate the end-to-end vulnerability management lifecycle: discovery, scanning, prioritization, remediation tracking, and verification.
• Prioritize vulnerabilities using a risk-based approach that accounts for exploitability, threat intelligence, asset criticality, and business impact.
• Produce recurring vulnerability posture reports and trend analysis for stakeholders.
• Serve as a technical investigator for complex security alerts and support the investigation, containment, and remediation of security incidents.
• Participate in the on-call rotation to ensure coverage for critical alerts.
• Consume threat intelligence feeds and proactively hunt for Indicators of Compromise (IOCs) in our environment.
• Develop and integrate detection use cases for business applications, ensuring we are logging the right data, not just more data.
• Support regulatory compliance audits, including preparation of evidence and documentation aligned with Mexican financial regulatory requirements.
• Mentor and support junior team members, contributing to knowledge sharing and the overall growth of the security team.

Requirements

• 5+ years of technical experience in security operations, with strong hands-on experience in vulnerability management.
• Experience working in a SOC, CSIRT, or similar operational security environment.
• Hands-on experience with enterprise vulnerability scanning platforms (Qualys, Tenable, Rapid7, or equivalent).
• Strong understanding of risk-based vulnerability prioritization beyond CVSS.
• Experience investigating security alerts using EDRs and SIEM platforms.
• Familiarity with endpoint security policies, secure email gateways, and DLP concepts.
• Ability to produce clear, data-driven reporting for technical and executive audiences.
• Experience with Infrastructure as Code (IaC) tools such as Terraform, CloudFormation, or Ansible.
• Experience working within cloud environments, preferably AWS.
• Experience with Python, Bash, or similar scripting languages to automate workflows.
• Full professional fluency in English and Spanish.

Nice to Have

• Defensive security certifications (GCIH, GEVA) are a plus.
• Offensive security certifications (OSCP, GPEN, GXPN) are a strong plus.

What We Offer

• Unlimited paid time off through our Me Time program.
• Remote-first work environment.
• Employee Stock Option program.
• Zero trading fees through our Bitso Alpha app.
• Extended Family Leave Policy: all birthing parents, non-birthing parents, and adopting parents are eligible for a 4-month leave.
• Premium health, dental, and life insurances in multiple countries.

Join us at Bitso as a Senior Security Operations Engineer remote and help us shape the future of finance with crypto. Your expertise in security operations will be crucial in protecting our platform and our users.