Security Engineer
Location: Austin, United States (Hybrid)Hybrid | Full-timeCompensation: $150K - $175KOur client is an innovative firm operating at the intersection of institutional finance and emerging blockchain technology. Backed by $40M in funding from premier venture capital firms including Electric Capital and Paradigm, the organization is bridging the gap between decentralized finance and traditional Wall Street by rebuilding financial infrastructure to be faster, safer, and fully on-chain.In this environment, security is viewed as a primary client-facing differentiator and a core pillar of institutional trust. The security program is integral to client due diligence, auditor engagements, and enterprise contract negotiations. Our client is seeking a Security Engineer to serve as the hands-on execution layer of a security strategy designed by the CISO.This is a builder role focused on the technical implementation of a modern, cloud-native security stack. The successful candidate will stand up identity enforcement, endpoint protection, cloud posture management, threat detection, and GRC evidence pipelines. This position reports directly to the CISO, offering high technical autonomy and executive visibility within a production-grade environment.Key Responsibilities:Security Infrastructure & ImplementationDesign, deploy, and maintain core security controls across identity, endpoint, cloud, and application layers, including SSO/MFA enforcement, MDM, EDR, CSPM, secrets management, and DLPLead the technical integration of security tooling, ensuring controls are configured to produce auditor-credible evidenceExecute the technical security roadmap under the guidance of the CISO, managing parallel workstreams across infrastructure and daily operationsMonitoring, Detection & Incident ResponseBuild and maintain detection coverage across cloud and endpoint systems, validating alert paths through documented test scenariosMonitor security logs for anomalous activity, investigate potential incidents, and provide structured updates to leadershipVulnerability & Patch ManagementManage the vulnerability lifecycle, including scanning, triage, SLA-tracked remediation, and patching verificationMaintain a comprehensive inventory of non-human identities, including service accounts and API keys, ensuring proper rotation and expiry trackingAutomation & Continuous ImprovementImplement automation across security controls and evidence collection to reduce manual burden and improve scalabilityProactively identify security posture gaps and provide recommendations for enhancement to the CISOGRC & Operational SupportAlign technical controls with governance requirements and maintain organized artifacts for SOC 2 and other regulatory auditsManage security aspects of the employee lifecycle, including device enrollment, identity provisioning, and access revocationDevelop documentation for security configurations and standard operating proceduresRequirementsRequired Qualifications:Experience: Minimum of 3+ years of hands-on security engineering experience in a cloud-native environmentIdentity & Cloud: Demonstrated experience with IAM platforms and AWS security services (IAM, CloudTrail, GuardDuty, Security Hub, Secrets Manager)Tooling: Working knowledge of Cloud Security Posture Management (CSPM) tools (e.g., Wiz, Prisma Cloud, Prowler) and CI/CD security integrations (SAST/SCA)Compliance Mindset: Ability to produce audit-quality documentation and evidence artifactsForward-Thinking: Understanding of how AI integrates into the modern security stack and a willingness to implement AI-driven processesSoft Skills: Ability to operate with high autonomy and accountability in a high-growth, executive-facing environmentPreferred QualificationsExperience supporting a full SOC 2 audit lifecycleFamiliarity with GRC platforms such as Vanta, Drata, or SecureFrameProficiency in scripting for security automationExposure to DLP tooling, AI data governance, or regulatory frameworks (NIST CSF, NYDFS Part 500)Professional certifications such as AWS Solutions Architect - Associate, AWS Certified Security - Specialty, or CISSPBenefitsOpportunity to build a security program from the ground up with significant organizational investmentDirect mentorship and collaboration with a CISO in a high-growth fintech environmentAutonomy to select and implement modern, production-grade security toolingCompetitive compensation and the chance to contribute to the foundational infrastructure of an institutional-grade financial platformInterview ProcessHiring Manager Interview: Initial technical and strategic discussion with the CISOBehavioral Interview: Assessment of core values and professional alignmentTechnical Interview: Deep dive into engineering capabilities and security implementation skillsFinal Interview: Comprehensive review with key stakeholdersDue to the high volume of applications we anticipate, we regret that we are unable to provide individual feedback to all candidates. If you do not hear back from us within 4 weeks of your application, please assume that you have not been successful on this occasion. We genuinely appreciate your interest and wish you the best in your job search.Commitment to Equality and Accessibility:At MLabs, we are committed to offer equal opportunities to all candidates. We ensure no discrimination, accessible job adverts, and providing information in accessible formats. Our goal is to foster a diverse, inclusive workplace with equal opportunities for all. If you need any reasonable adjustments during any part of the hiring process or you would like to see the job-advert in an accessible format please let us know at the earliest opportunity by emailing human-resources@mlabs.city.MLabs Ltd collects and processes the personal information you provide such as your contact details, work history, resume, and other relevant data for recruitment purposes only. This information is managed securely in accordance with MLabs Ltd's Privacy Policy and Information Security Policy, and in compliance with applicable data protection laws. Your data may be shared only with clients and trusted partners where necessary for recruitment purposes. You may request the deletion of your data or withdraw your consent at any time by contacting legal@mlabs.city.