- Company Name
- Marqeta
- Job Title
- Staff Security Engineer - EU / UK
- Job Description
-
Job Title: Staff Security Engineer
Role Summary:
Senior security operations lead responsible for incident response, digital forensics, threat hunting, and security monitoring across the organization. Drives incident response program, NIST alignment, detection engineering, and continuous improvement while overseeing on‑call duties and cross‑functional coordination.
Expectations:
- Lead incident response for all severity levels, acting as incident commander.
- Design, implement, and maintain detection logic using detections‑as‑code.
- Mentor and develop security team members.
- Collaborate with CISO, fraud, compliance, risk, and external stakeholders.
Key Responsibilities:
- Proactively monitor environment, triage alerts, and execute timely responses.
- Serve as incident commander, directing investigations and cross‑team response.
- Implement and maintain NIST Incident Response Lifecycle processes.
- Manage and update Cybersecurity Incident Response Plan, ensuring regulatory alignment.
- Document, maintain, and evolve SOC processes, playbooks, and runbooks.
- Participate in 24/7 on‑call rotations, providing expert guidance and post‑incident reviews.
- Conduct threat hunting using intelligence sources and hypothesis‑driven techniques.
- Tune security solutions and enhance detection across SIEM, EDR, and other platforms.
- Develop detection logic; integrate via CI/CD pipelines, version control, and testing frameworks.
- Expand detection coverage against MITRE ATT&CK, prioritize gaps, and map TTPs.
- Liaise with HR, law enforcement, response retainers, and cyber insurers on crime cases.
- Mentor junior staff and collaborate with senior leadership on risk communication.
- Partner with fraud, compliance, and risk teams on payment‑related incidents and PCI DSS requirements.
Required Skills:
- 8+ years in security operations with deep expertise in incident response, digital forensics, and threat hunting.
- Proven incident commander experience under pressure.
- Advanced knowledge of NIST Incident Response Lifecycle and documentation.
- Expert proficiency with EDR, SIEM, SOAR, and other security monitoring tools.
- Experience with detections‑as‑code, version control, CI/CD pipelines, and testing frameworks.
- Working knowledge of MITRE ATT&CK; ability to assess coverage and prioritize engineering.
- Strong threat intelligence application and threat actor TTP analysis.
- Experience tuning security solutions and building automation workflows.
- Advanced familiarity with AWS cloud services and cloud security best practices.
- Excellent communication skills with technical and executive stakeholders.
- Experience in fintech, payment processing, or highly regulated environments; PCI DSS incident handling knowledge a plus.
- Demonstrated mentorship and ability to work independently while escalating appropriately.
Required Education & Certifications:
- Bachelor’s degree in computer science, information security, or related field.
- Relevant certifications preferred: CISSP, GCIA, GCIH, GCIH, GCIEM, or equivalent.