• Build and operationalize a fintech-grade SOC function • Own incident response end-to-end • Design and mature detection engineering • Define security KPIs & KRIs • Embed SOC into engineering and product workflows • Reduce systemic financial risk • Build and scale the SecOps team • Operationalize compliance through execution

• Monitor and respond to clients through all supported email, messaging, and phone platforms • Proactively monitor security dashboards to detect and respond to emerging threats in real-time • Identify alerts that require additional analysis and facilitate their escalation– internally or externally –for further investigation and resolution • Meet minimum standards of initial triage and analysis before escalating • Understand, identify, and research Indicators of Compromise (IOCs) to support threat detection and incident response efforts • Review and analyze security logs and event data from various sources, such as firewalls, intrusion detection systems, and endpoint security tools to identify potential security incidents • Complete all assigned internal and external reports by their deadlines, or in a timely manner if one is not provided • Receive and perform initial triage of security alerts, assess their severity, and determine appropriate actions for resolution • Contribute to tuning of managed security tools by identifying trends and optimizing alert fidelity • Stay informed about the latest cybersecurity threats, vulnerabilities, and attack techniques, and apply this knowledge to enhance the SOC's threat detection capabilities • Perform threat hunts to ensure proactive, in-depth client security • Monitor and maintain unassigned and assigned ticket queues, ensuring timely resolution and effective communication with stakeholders • Maintain average ticket processing time checkpoints in accordance with SLA’s - time to acknowledge, time to triage, and time to notify • Completing all assigned training in agreed upon time frames

• Oversee and continuously elevate our security posture • Monitor and manage the lifecycle of our security audits, certifications, and internal controls • Own our security whitepapers and related InfoSec collateral • Proactively guide prospects through InfoSec, compliance, and security architecture conversations • Partner closely with Legal and Compliance to ensure alignment on policies • Manage and streamline InfoSec questionnaires • Manage day-to-day security and compliance operations • Work hand-in-hand with Solution Architects and DevOps to translate security requirements

• Monitor security tools & systems: Analyze logs, alerts, and data for suspicious activity. • Investigate potential threats: Determine if alerts are real incidents and identify vulnerabilities. • Supervise all Incident/Security issues, including preliminary triage, troubleshooting and remediation. • Gather evidence: Collect and analyze evidence to understand incident scope and impact. • Contain the threat and remediate vulnerabilities: Quickly contain the incident to minimize damage, and implement patching, configuration changes, or other measures to address the exploited vulnerabilities. • Recover from the incident and report to management: Assist in restoring affected systems and data to their normal state, and keep management informed about security incidents and response efforts. • Documentation: Document findings for future reference and improvement, including process roadmaps, change management validations, and user/system impacted incident management and resolutions.