Role Description We're looking for a Senior or Lead Security Engineer focused on Defensive Security (Blue Team / SOC) to own our security detection, monitoring, and incident response capabilities across infrastructure, cloud environments, and corporate systems. This role focuses on threat detection engineering, incident response, threat hunting, and security monitoring, with direct responsibility for supporting ISO/IEC 27001 and PCI DSS requirements for logging, monitoring, and incident management. At E2, you independently execute detection and incident response activities, build detection content, and operate SIEM/SOAR platforms. At E3, you act as a technical leader for Blue Team and SOC capabilities, setting detection strategy, defining response metrics, and mentoring others on incident response and threat hunting. What You'll Do - Own detection & response posture — Design, implement, and continuously improve detection and monitoring capabilities across cloud, endpoints, and networks - Lead incident response — Handle security incidents end-to-end: triage, containment, eradication, recovery, forensics, and post-incident reviews - Build detection engineering capabilities — Create, tune, and maintain SIEM correlation rules, alerts, and automated response workflows (SOAR) - Threat hunting & intelligence — Perform advanced threat hunting and operationalize threat intelligence platforms and external feeds - Develop detection content — Maintain detection artifacts, including YARA rules, signatures, and behavioral detections aligned with MITRE ATT&CK - Define security metrics — Track and improve SOC and IR KPIs (MTTD, MTTR, alert fidelity, false positives) and build dashboards for visibility - Support compliance — Review, validate, and provide evidence for ISO/IEC 27001 and PCI DSS controls related to logging, monitoring, and incident response - Improve visibility — Ensure proper logging, telemetry, and signal quality across AWS, operating systems, and network layers - Post-incident improvement — Lead post-mortems and continuously improve detection, response playbooks, and procedures - Mentor and guide — Coach engineers and security team members on incident response, detection engineering, and threat hunting best practices - Detect and respond to exploitation attempts related to common web application risks (OWASP Top 10) using logs, alerts, and incident analysis Qualifications - 3+ years in Blue Team, SOC, or Incident Response roles (5+ years for E3) - Strong experience with SIEM and SOAR tools (rule creation, tuning, automation) - Proven experience in incident response operations and security monitoring - Experience with threat intelligence platforms and threat feeds, and their use in detection and response - Strong experience performing advanced threat hunting techniques - Hands-on experience creating and maintaining detection content, including YARA rules - Ability to define and measure security and incident response metrics - Experience building security dashboards for SOC and IR visibility - Solid understanding of logging pipelines, telemetry, and event analysis - Familiarity with MITRE ATT&CK and attacker techniques - Experience supporting PCI DSS and ISO/IEC 27001 controls related to monitoring, logging, and incident response - Cloud security fundamentals (AWS preferred: CloudTrail, GuardDuty, Security Hub, IAM logging) - Scripting skills for automation (Python, Bash) - AI Fluency — Uses AI tools for log analysis, threat detection, and incident response automation - Understands AI-related security risks (data leakage, model abuse, misuse of AI tools) - Applies AI to accelerate threat hunting and incident analysis - Stays current on emerging AI security threats relevant to SOC operations Leadership & Communication - Experience communicating incidents, risks, and metrics to technical and non-technical stakeholders - Comfortable interacting with auditors during ISO 27001 and PCI DSS assessments - Strong documentation skills for procedures, playbooks, and incident reports - Fluent in Spanish; working knowledge of English for vendors and documentation Mindset - Strong defensive security mindset: prevention, detection, and response first - Proactive about identifying threats before they escalate into incidents - Calm and methodical under pressure during security incidents - Strong ownership—you see incidents and improvements through to completion - Curious about fintech-specific threats, fraud patterns, and regulatory impact Nice to Have - Industry-recognized Blue Team / SOC certifications: GIAC (GCED, GCIA, GCIH), Blue Team Level 1 / Level 2 (BTL1 / BTL2), SC-200 (Microsoft Security Operations Analyst), CISSP or CCSP - Experience acting as an incident commander during major incidents - Experience in financial services or regulated environments Our Stack - Cloud: AWS (CloudTrail, GuardDuty, Security Hub, IAM) - Infrastructure: Pulumi, Terraform, Datadog, Jenkins - Endpoint: Jamf, Microsoft Intune - Identity: SSO/SCIM, Active Directory - Compliance: PCI DSS, ISO/IEC 27001 Why Aplazo Our mission is to empower financial access and opportunity across Latin America through fair, simple, and transparent solutions. Our tech vision is to be the most beloved and innovative tech organization in Latin America. We're a Series B fintech growing fast — security is critical to our customers' trust and our ability to operate. You'll own core Blue Team and incident response capabilities for a platform that handles millions of financial transactions.

This description is a summary of our understanding of the job description. Click on 'Apply' button to find out more. Role Description Ultra Maritime is seeking a hands-on Information Systems Security Engineer Senior (ISSE) to support cybersecurity engineering and compliance for unclassified environments handling CUI. This role blends technical implementation with compliance engineering, focused on NIST SP 800-171 and CMMC Level 2 readiness and sustainment. This is a fully remote role with occasional travel to UM sites. Responsibilities - Compliance & Governance (about 30%): - Lead implementation and sustainment of NIST SP 800-171 controls and CMMC Level 2 practices. - Develop and maintain compliance artifacts: - SSPs - POA&Ms - Asset inventories, boundary definitions - Network and data flow diagrams - Conduct internal gap assessments and readiness reviews for CMMC. - Support evidence collection and technical walkthroughs during audits. - Translate compliance requirements into actionable technical work items. - Hands-On Technical Engineering (about 70%): - Design, implement, and harden on-premise systems supporting CUI environments (Windows/Linux servers, AD/Entra ID hybrid, virtualization, network segmentation). - Implement and tune technical security controls, including: - Identity & access management (MFA, least privilege, RBAC) - Endpoint security (EDR, device hardening, patching) - Vulnerability scanning and remediation - Centralized logging and monitoring (SIEM) - Secure configuration baselines (CIS/STIG-aligned) - Partner with IT infrastructure to implement network security controls (firewalls, VLANs, NAC, secure remote access). - Support secure system builds, change management, and incident response in CUI environments. - Help integrate security into on-prem and hybrid architectures (VMware/Hyper-V + cloud where applicable). Qualifications - Demonstrated, hands-on experience implementing NIST SP 800-171 controls, preferably in manufacturing environments. - Experience supporting CMMC Level 2 readiness or assessments. - Strong background in on-prem infrastructure security, including: - Windows and/or Linux server hardening - Active Directory or hybrid identity environments - Virtualized infrastructure (VMware/Hyper-V) - Network segmentation and firewall policy design - Experience with security tooling: vulnerability scanners, EDR, SIEM, MFA/IAM, configuration management. - Experience securing environments handling CUI (unclassified). - Ability to move fluidly between documentation and technical implementation. - Strong communication skills with engineers, IT staff, and leadership. - Experience remediating findings from 800-171 assessments or pre-CMMC readiness reviews. - Experience with hybrid environments (on-prem + cloud). - Typically, a Bachelor Degree (or equivalent) in Computer Science, Information Technology, Cybersecurity, or a related field with 4+ years of experience. Preferred Qualifications - Familiarity with NIST SP 800-53 and other relevant security standards for classified systems. - CompTIA Security+ certification or equivalent. - Understanding of risk management frameworks used in government environments. Requirements - May be required to maintain security clearance. Expected Compensation The expected compensation range for this role is $59,696.00 - $89,544.00. Please note this represents the expected range. Ultra Maritime considers multiple factors when determining final compensation, including the scope and responsibilities of the role, a candidate’s relevant experience and education, certifications and training, as well as current business and market conditions. Benefits - Climate controlled, well-lit and clean work environment! - Work/life balance that includes up to 3 weeks PTO for first year. - 8 Paid Holidays, with 3 floating holidays. - 401k Plan with Company Match. - Educational Assistance Program (Tuition Reimbursement). - Wellness Program and incentives. - Company HSA contributions. - Insurance Benefits that start 1st of the month following hire. - Eligibility in Company Performance-based bonuses annually. - Additional Employee Discounts and Perks. Company-Paid Benefits - $75 monthly student loan repayment program. - Basic Life Insurance. - Basic Accidental Death and Dismemberment (AD&D) Insurance. - Short Term Disability. - Long Term Disability. - Employee Assistance Program (EAP). Voluntary Employee-Paid Benefits - Medical and Prescription insurance. - Dental insurance. - Vision insurance. - Supplemental Life Insurance Plans. - Supplemental AD&D insurance for Employee and Family. - Accident Plan. - Critical Illness Plan. - Hospital Indemnity Plan. - Pet Insurance. - Identity Theft. Equal Opportunity Employer Ultra Maritime is an Equal Opportunity Employer. We are committed to providing a workplace that is fair, respectful, and inclusive, and we make employment decisions based on qualifications, merit, and business needs. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender identity, age, national origin, ancestry, ethnicity, marital status, disability, genetic information, protected veteran status, citizenship status, or any other status protected by applicable federal, state, or local law. As a U.S. defense contractor, Ultra Maritime maintains strict standards related to integrity, compliance, and security. We operate a drug-free workplace and, where permitted by law, may conduct pre-employment background checks and substance-abuse screening based on role requirements.

• Actively participate in the Identity Field Center of Excellence to deliver value to clients by aligning Optiv services with our key technology partner solutions (SailPoint, Saviynt, Ping, Okta, Cisco, CyberArk, BeyondTrust, and Delinea-to name a few). • Maintain advanced knowledge of the client’s security environment, business operations, security needs, and risk appetite. • Identify their security concerns and how they correlate to Optiv’s strategic solutions across the assigned domain and holistic cybersecurity programs. • Identify cross-sell and upsell opportunities across clients and Optiv's partner relationships. • Qualify leads and partner with internal colleagues to determine scope, proposal management, and follow through to closure. • Participate in sales opportunities across Optiv's entire portfolio. • Clearly articulate how the necessary elements of the Optiv technology and services portfolio meet the specific needs of the client stakeholders at a senior leadership level. • Drive the generation services and technologies business to meet or exceed quarterly and annual quota objectives in partnership with the account and domain teams. • Stay abreast of industry trends, news, and maintain a broad understanding of the security landscape to facilitate thought leadership, support, analysis, and guidance to clients and internal Optiv groups. • Collaborate with service delivery to ensure the team has necessary supporting domain specialty materials that present a consistent and comprehensive approach. • Effectively work with multiple client personas across the security leadership team, as well as other relevant personas to develop security strategy and define roadmaps to execute on security strategy aligned business goals, budgetary spend, and metrics based on return of investment. • Maintain advisory relationships with key stakeholders at clients by facilitating thought leadership, support, information, and guidance in conjunction with sales partners. • Identify and drive complete security programs to meet client objectives across technology and services including; driving new discussions by leveraging peer and industry network contacts performing requirements gathering analysis, and technology selection criteria coordinating demonstrations and security technology evaluations drive cross organizational solutions leveraging Optiv's portfolio. • Interface and partner with internal Optiv teams, particularly service delivery liaisons, to align client expectations with the entire Optiv solution portfolio to ensure service delivery excellence and client satisfaction. • Identify new and emerging technologies for internal enablement and exposure to clients. • Promotes Optiv’s portfolio and security awareness at speaking events, partner events, and leveraging social media. • Builds a reputation as trusted advisor with clients, partners, peers and cyber community resulting in an influential network of contacts. • Listen for client feedback and continually share with internal teams to evaluate and cultivate continuous improvement. • Participate in account planning, forecasting, and pipeline management activities. • Participate in managing and prioritizing the proposal process to create business proposals, contracts, and respond to RFI/RFP’s. • Actively pursue personal development by maintaining and obtaining technical capabilities, soft skills, and security-specific knowledge through formal education, certification, and other avenues. • Advance sales techniques; makes connections, facilitates meetings, reads the room, asks probing questions, overcomes objections, gains trust, maintains composure under pressure, positions solutions, and assist in finalization of sale.

Ready to be pushed beyond what you think you’re capable of? At Coinbase, our mission is to increase economic freedom in the world. It’s a massive, ambitious opportunity that demands the best of us, every day, as we build the emerging onchain platform — and with it, the future global financial system. To achieve our mission, we’re seeking a very specific candidate. We want someone who is passionate about our mission and who believes in the power of crypto and blockchain technology to update the financial system. We want someone who is eager to leave their mark on the world, who relishes the pressure and privilege of working with high caliber colleagues, and who actively seeks feedback to keep leveling up. We want someone who will run towards, not away from, solving the company’s hardest problems. Our work culture is intense and isn’t for everyone. But if you want to build the future alongside others who excel in their disciplines and expect the same from you, there’s no better place to be. While many roles at Coinbase are remote-first, we are not remote-only. In-person participation is required throughout the year. Team and company-wide offsites are held multiple times annually to foster collaboration, connection, and alignment. Attendance is expected and fully supported. At Coinbase, security isn't just a priority. It's the foundation of everything we do. In the fast-evolving world of digital currency, where trust is paramount, security breaches can mean the difference between success and failure. That's why we've made security a cornerstone of our mission, setting the standard for protecting millions of customers and billions of dollars in assets. As a Blockchain Security Engineer on the Decentralized Financial Security Team, you will work closely with engineers, technical product managers and senior leadership on designing secure products from the ground up. You will be responsible for performing secure design reviews, threat modeling, vendor reviews, working with vendors, and secure code reviews for upcoming Coinbase products or features that will be used by millions of customers. You will have an opportunity to work on the latest technology and provide leadership visibility of the current risk posture. You’ll also have an opportunity to pitch, lead and participate in cross-functional initiatives that uplevel the security of all Coinbase products and services. What you’ll be doing (ie. job duties): To be completed by all business teams except Eng. - Perform design reviews, threat modeling and code reviews of upcoming features and products. - Identify top product risk areas and lead risk-reduction initiatives with cross-functional teams. - Improve and/or automate existing processes to increase efficiency, utilizing agentic/AI tooling. - Create monitoring solutions to ensure identified risks remain at acceptable levels for Coinbase. - Participate in the team on-call rotation to support engineering teams through timely design consultations, vulnerability analysis, bug fix verification, etc. - Publish blogs and give talks (internal and external) on newfound vulnerabilities, incident investigations, unique integration risks, and related topics What we look for in you (ie. job requirements): To be completed by all business teams except Eng. - Strong understanding of blockchains (particularly EVM chains) and highly “crypto forward” - Expertise in blockchain technology and foundational knowledge in security principles - 2+ years of threat modeling/design review experience - Strong communication skills with the ability to translate technical security requirements and risks into terms that anyone can understand. - High ownership and drive, including the ability to work independently and unblock yourself. - Experience with using AI/agentic tooling (Claude Code, Cursor, GPT Codex, etc.) - Demonstrates the ability to responsibly use generative AI tools and copilots (e.g., LibreChat, Gemini, Glean) in daily workflows, continuously learn as tools evolve, and apply human-in-the-loop practices to deliver business-ready outputs and drive measurable improvements in efficiency, cost, and quality. Nice to haves: - MS or PhD in Computer Science or related field. - Experience in at least one of: Snowflake, Databricks, Dune - Experience automating manual processes or carrying out process improvements. - Experience in Blockchain, Exchange, or Decentralized Exchange Security. Job ID: P76318 #LI-Remote Pay Transparency Notice: Depending on your work location, the target annual base salary for this position can range as detailed below. Total compensation may also include equity and bonus eligibility and benefits (including medical, dental, vision and 401(k)). Annual base salary range (excluding equity and bonus): $152,405—$179,300 USD Please be advised that each candidate may submit a maximum of four applications within any 30-day period. We encourage you to carefully evaluate how your skills and interests align with Coinbase's roles before applying. Commitment to Equal OpportunityCoinbase is proud to be an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, creed, gender, national origin, age, disability, veteran status, sex, gender expression or identity, sexual orientation or any other basis protected by applicable law. Coinbase will also consider for employment qualified applicants with criminal histories in a manner consistent with applicable federal, state and local law. For US applicants, you may view the Employee Rights and the Know Your Rights notices by clicking on their corresponding links. Additionally, Coinbase participates in the E-Verify program in certain locations, as required by law. Coinbase is also committed to providing reasonable accommodations to individuals with disabilities. If you need a reasonable accommodation because of a disability for any part of the employment process, please contact us at accommodations[at]coinbase.com to let us know the nature of your request and your contact information. For quick access to screen reading technology compatible with this site click here to download a free compatible screen reader (free step by step tutorial can be found here). Global Data Privacy Notice for Job Candidates and ApplicantsDepending on your location, the General Data Protection Regulation (GDPR) and California Consumer Privacy Act (CCPA) may regulate the way we manage the data of job applicants. Our full notice outlining how data will be processed as part of the application procedure for applicable locations is available here. By submitting your application, you are agreeing to our use and processing of your data as required. For US applicants only, by submitting your application you are agreeing to arbitration of disputes as outlined here. AI DisclosureFor select roles, Coinbase is piloting an AI tool based on machine learning technologies to conduct initial screening interviews to qualified applicants. The tool simulates realistic interview scenarios and engages in dynamic conversation. A human recruiter will review your interview responses, provided in the form of a voice recording and/or transcript, to assess them against the qualifications and characteristics outlined in the job description. For select roles, Coinbase is also piloting an AI interview intelligence platform to transcribe and summarize interview notes, allowing our interviewers to fully focus on you as the candidate. The above pilots are for testing purposes and Coinbase will not use AI to make decisions impacting employment. To request a reasonable accommodation due to disability, please contact accommodations[at]coinbase.com