Location: Austin, United States (Hybrid)

Hybrid | Full-time

Compensation: $150K - $175K

Our client is an innovative firm operating at the intersection of institutional finance and emerging blockchain technology. Backed by $40M in funding from premier venture capital firms including Electric Capital and Paradigm, the organization is bridging the gap between decentralized finance and traditional Wall Street by rebuilding financial infrastructure to be faster, safer, and fully on-chain.

In this environment, security is viewed as a primary client-facing differentiator and a core pillar of institutional trust. The security program is integral to client due diligence, auditor engagements, and enterprise contract negotiations. Our client is seeking a Security Engineer to serve as the hands-on execution layer of a security strategy designed by the CISO.

This is a builder role focused on the technical implementation of a modern, cloud-native security stack. The successful candidate will stand up identity enforcement, endpoint protection, cloud posture management, threat detection, and GRC evidence pipelines. This position reports directly to the CISO, offering high technical autonomy and executive visibility within a production-grade environment.

Key Responsibilities:

Security Infrastructure & Implementation

• Design, deploy, and maintain core security controls across identity, endpoint, cloud, and application layers, including SSO/MFA enforcement, MDM, EDR, CSPM, secrets management, and DLP.
• Lead the technical integration of security tooling, ensuring controls are configured to produce auditor-credible evidence.
• Execute the technical security roadmap under the guidance of the CISO, managing parallel workstreams across infrastructure and daily operations.

Monitoring, Detection & Incident Response

• Build and maintain detection coverage across cloud and endpoint systems, validating alert paths through documented test scenarios.
• Monitor security logs for anomalous activity, investigate potential incidents, and provide structured updates to leadership.

Vulnerability & Patch Management

• Manage the vulnerability lifecycle, including scanning, triage, SLA-tracked remediation, and patching verification.
• Maintain a comprehensive inventory of non-human identities, including service accounts and API keys, ensuring proper rotation and expiry tracking.

Automation & Continuous Improvement

• Implement automation across security controls and evidence collection to reduce manual burden and improve scalability.
• Proactively identify security posture gaps and provide recommendations for enhancement to the CISO.

GRC & Operational Support

• Align technical controls with governance requirements and maintain organized artifacts for SOC 2 and other regulatory audits.
• Manage security aspects of the employee lifecycle, including device enrollment, identity provisioning, and access revocation.
• Develop documentation for security configurations and standard operating procedures.

Required Qualifications:

• Experience: Minimum of 3+ years of hands-on security engineering experience in a cloud-native environment.
• Identity & Cloud: Demonstrated experience with IAM platforms and AWS security services (IAM, CloudTrail, GuardDuty, Security Hub, Secrets Manager).
• Tooling: Working knowledge of Cloud Security Posture Management (CSPM) tools (e.g., Wiz, Prisma Cloud, Prowler) and CI/CD security integrations (SAST/SCA).
• Compliance Mindset: Ability to produce audit-quality documentation and evidence artifacts.
• Forward-Thinking: Understanding of how AI integrates into the modern security stack and a willingness to implement AI-driven processes.
• Soft Skills: Ability to operate with high autonomy and accountability in a high-growth, executive-facing environment.

Preferred Qualifications

• Experience supporting a full SOC 2 audit lifecycle.

• Familiarity with GRC platforms such as Vanta, Drata, or SecureFrame.

• Proficiency in scripting for security automation.

• Exposure to DLP tooling, AI data governance, or regulatory frameworks (NIST CSF, NYDFS Part 500).

• Professional certifications such as AWS Solutions Architect – Associate, AWS Certified Security – Specialty, or CISSP.

• Opportunity to build a security program from the ground up with significant organizational investment.

• Direct mentorship and collaboration with a CISO in a high-growth fintech environment.

• Autonomy to select and implement modern, production-grade security tooling.

• Competitive compensation and the chance to contribute to the foundational infrastructure of an institutional-grade financial platform.



Interview Process

1. Hiring Manager Interview: Initial technical and strategic discussion with the CISO.
2. Behavioral Interview: Assessment of core values and professional alignment.
3. Technical Interview: Deep dive into engineering capabilities and security implementation skills.
4. Final Interview: Comprehensive review with key stakeholders.

Due to the high volume of applications we anticipate, we regret that we are unable to provide individual feedback to all candidates. If you do not hear back from us within 4 weeks of your application, please assume that you have not been successful on this occasion. We genuinely appreciate your interest and wish you the best in your job search.

Commitment to Equality and Accessibility:

At MLabs, we are committed to offer equal opportunities to all candidates. We ensure no discrimination, accessible job adverts, and providing information in accessible formats. Our goal is to foster a diverse, inclusive workplace with equal opportunities for all. If you need any reasonable adjustments during any part of the hiring process or you would like to see the job-advert in an accessible format please let us know at the earliest opportunity by emailing human-resources@mlabs.city.

MLabs Ltd collects and processes the personal information you provide such as your contact details, work history, resume, and other relevant data for recruitment purposes only. This information is managed securely in accordance with MLabs Ltd’s Privacy Policy and Information Security Policy, and in compliance with applicable data protection laws. Your data may be shared only with clients and trusted partners where necessary for recruitment purposes. You may request the deletion of your data or withdraw your consent at any time by contacting legal@mlabs.city.