Operational Security Engineer

ABOUT THE ROLE

We are looking for an Operational Security Engineer to join our global FinTech organization and help strengthen the security of our people, devices, identities, and business operations.

This role focuses on building and operating practical security controls across the company’s internal environment. You will help secure enterprise platforms, strengthen identity and endpoint posture, assess risks introduced by third-party tools and emerging technologies, support incident response, and improve operational resilience across the organization.

We are looking for someone who is hands-on, analytical, and operationally minded, with strong cybersecurity experience and the ability to think like an adversary. The ideal candidate understands how modern threat actors operate, can apply threat-informed thinking to real-world business environments, and is comfortable working across identity, SaaS, endpoint, and user security.

You will collaborate closely with internal teams such as Productivity & AI Engineering, Cloud Security, and Application Security whenever work spans multiple security domains.

KEY RESPONSIBILITIES

• Operate and continuously improve the security enterprise platforms through effective controls, detections, monitoring, and incident response.
• Configure and manage IAM, access controls, and contextual access policies in line with least-privilege principles and secure access standards.
• Manage and maintain the company’s MDM/EDR capabilities, ensuring endpoint visibility, policy coverage, timely updates, and organization-wide adoption.
• Review new tools, workflows, and third-party integrations, including SaaS, AI tools, MCPs, and plugins—and provide practical security guidance to reduce operational risk while enabling the business.
• Drive and improve the company’s security awareness program, helping users operate safely through practical guidance and support.
• Monitor emerging attacks, vulnerabilities, and threat actor tradecraft, and turn that knowledge into practical defensive improvements across the company.
• Apply adversarial thinking and practical threat modeling to identify realistic attack paths and improve operational resilience across user workflows, enterprise tooling, and internal systems.
• Help define and improve security policies, standards, best practices, and configuration baselines for internal systems and business tooling.

WHAT YOU BRING

• Fluency in English.
• Strong hands-on experience securing and operating enterprise SaaS and cloud platforms.Experience with identity and access management, contextual access controls, and secure administration of business-critical systems.
• Experience operating MDM/EDR and other endpoint security controls.
• Experience responding to security incidents, compromises, and breaches.Advanced cybersecurity experience, including exposure to sophisticated threat actors, knowledge of modern attacker tradecraft, and the ability to apply an adversarial mindset to defensive work.
• Experience conducting practical threat modeling with real operational impact.
• Experience assessing the security of third-party tools, integrations, and emerging technologies introduced into the business.
• Ability to perform open-source threat intelligence activities relevant to current threats and company exposure.
• Strong communication and cross-functional collaboration skills.
• Experience working in Agile environments.

Nice to have

• Experience in FinTech, crypto, or other fast-moving technology environments, with familiarity with blockchain ecosystems and decentralized security challenges.
• Experience with Python and/or JavaScript.
• Experience with on-chain threat monitoring and forensics.
• Experience using AI agents and agentic workflows to improve security operations.

ROOTIES BENEFITS

At RootstockLabs, we don’t just offer a job, we offer a community. Here’s what you can expect when you join us:

• Competitive compensation package and unique benefits designed to support your growth and well-being.
• 100% Remote Work from Europe / Latin America, with access to global CoWorking spaces.
• Work-Life Balance: Paid vacation and sick leave days
• Continuous Learning: Access to training programs, language courses, and learning sponsorship annually.
• Unique Projects: Work with cutting-edge blockchain technology in a global, diverse team.
• Monthly Allowance for Contractors to support your connectivity and well-being.

ABOUT ROOTSTOCKLABS

RootstockLabs builds Bitcoin-secured DeFi infrastructure that enables companies and financial institutions to offer borrowing, lending, investment, and payment solutions at global scale.

• Market: Companies, financial institutions, and their customers
• Product: Bitcoin-secured DeFi financial products
• Distribution: B2B2C through regulated financial institutions

We operate at the intersection of crypto infrastructure and institutional finance, enabling compliant, scalable access to decentralized financial services powered by Bitcoin.