Cyber Defense Engineer

Who are we?At Finastra, we are a dynamic global provider of open finance software solutions, dedicated to expanding access to financial services. Our innovative applications span Lending, Payments, Treasury and Capital Markets, and Universal Banking. Proudly serving over 8,000 customers, including 45 of the world's top 50 banks, we aim to boost financial inclusion for all. Join us and be part of a vibrant company that embraces diverse perspectives, and is committed to doing well by doing good.Cybersecurity Detection EngineerWhat will you contribute to?We are seeking an experienced Cybersecurity Detection Engineer to join our security team within the financial services sector. This role plays a critical part in strengthening our detection and response capabilities by leading SIEM operations, developing advanced detection logic, and ensuring the organization's defenses remain ahead of evolving threats. You will serve as a subject matter expert, with a direct impact on the security of sensitive financial systems and data.Responsibilities & Deliverables:Assist in developing and maintaining our SIEM platform (e.g., Splunk, QRadar, Azure Sentinel, etc.) including log onboarding, parsing, correlation rule development, and alert tuningAct as a technical authority on detection engineering and continuous improvement of detection capabilities across financial systems and servicesCollaborate closely with audit, threat intelligence, and SOC teams to ensure regulatory and risk-based coverageContinuously improve detection performance by using feedback loops, analyzing detection efficacy, mapping detection sources to use cases, and preforming rule tuning and optimization to reduce false positives and increase fidelityAct as a primary technical liaison with an MSSP delivering Managed XDR services, ensuring quality of detections, tuning alerts, and optimizing response workflowsIntegrate and build detection use cases to enable monitoring of financial application logs (e.g., SWIFT, trading platforms, core banking systems) and support compliance with FFIEC, SOX, GLBA, PCI-DSS, and other relevant standardsParticipate in regular detection effectiveness assessments, blue team exercises, and gap analysis tailored to threats specific to the company and FinTech spaceOperationalize and continuously mature the organization's SIEM program, establishing KPIs and optimizing detection pipelinesStay current on threat actor behavior targeting financial services and leverage this intelligence to enhance detection logic and response readinessRequired Experience :3+ years of experience in cybersecurity, with a focus on detection engineering, threat monitoring, or security operations within the finance industry or highly regulated environmentsExperience with SIEM platforms, including log ingestion, parsing, rule development, and content lifecycle managementExperience leverage CI/CD pipelines for version control, automated testing and deployment of detection content, to ensure consistent and high-quality detection logic (GitHub, GitLab, Jenkins, DevOps, etc.)Proficiency in detection query languages (e.g., KQL, SPL, AQL) and scripting (Python or PowerShell)Knowledge of regulatory requirements and frameworks impacting the financial industry (e.g., FFIEC, GLBA, NIST Direct Experience working with an MSSP delivering Managed XDR/Managed SIEM environments, including co-managed alerting and response processesExperience with SOAR platforms and automation of detection and response workflowsExposure to cloud environments (AWS, Azure, GCP) and corresponding logging and detection capabilitiesExcellent communication and collaboration skills, with the ability to drive security initiatives across diverse stakeholdersEducation / Certifications:Bachelor's degree from an accredited college or university, or equivalent experience.  A degree in Computer Science, Computer/Data Systems Management or a related field or discipline is preferred but not requiredCertification in one or more of the following areas is desired but not required: Certified Information Security Professional (CISSP), Certified Cloud Security Professional (CCSP), Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM)We are proud to offer a range of incentives to our employees worldwide. These benefits are available to everyone, regardless of grade, and reflect the values we uphold:·       Flexibility: Enjoy unlimited vacation, based on your location and business priorities. Hybrid working arrangements, and inclusive policies such as paid time off for voting, bereavement, and sick leave.·       Well-being: Access confidential one-on-one therapy through our Employee Assistance Program, unlimited personalized coaching via our coaching app, and access to our Gather Groups for emotional and mental support.·       Medical, life & disability insurance, retirement plan, lifestyle and other benefits*·       ESG: Benefit from paid time off for volunteering and donation matching.·       DEI: Participate in multiple DE&I groups for open involvement (e.g., Count Me In, , , , ).·       Career Development: Access online learning and accredited courses through our Skills & Career Navigator tool.·       Recognition: Be part of our global recognition program, Finastra Celebrates, and contribute to regular employee surveys to help shape Finastra and foster a culture where everyone is engaged and empowered to perform at their best.*Specific benefits may vary by location.At Finastra, each individual is unique, bringing their own ideas, thoughts, cultural beliefs, backgrounds, and experiences together. We learn from one another, embrace and celebrate our differences, and create an environment where everyone feels safe to be themselves.Be unique, be exceptional, and help us make a difference at Finastra