Security Operations Engineer
The Petal mission
Petal’s mission is to bring financial opportunity and innovation to everyone.
We're pioneering a new approach to credit, enabling Petal Card applicants to leverage their banking history, in addition to their credit history, to establish their creditworthiness. Our proprietary Cash Scoring technology takes applicants’ income, spending, and savings into account and is helping traditionally underserved consumers across the United States access honest, simple and responsible credit, even if they’ve never had it before.
We bring the same ingenuity to Petal Card products. Our simple and intuitive app gives members access to credit score tracking, budgeting tools, subscription management, and automated payment options—everything they need to make financial progress.
Now more than ever, Americans need help improving their credit safely, responsibly, and affordably. If this sounds like something you’d like to be a part of, apply now, and let’s change this trillion-dollar industry together.
At Petal, we're looking for people with kindness, positivity, and integrity. You're encouraged to apply even if your experience doesn't precisely match the job description. Your skills and potential will stand out—and set you apart—especially if your career has taken some extraordinary twists and turns. At Petal, we welcome diverse perspectives from people who think rigorously and aren't afraid to challenge assumptions.
*Petal Cards are issued by WebBank, Member FDIC
The Infrastructure & Security Engineering Team
The Infrastructure & Security Engineering team manages security, product infrastructure, and IT support for Petal. So far, we have focused on growing the IT support and product infrastructure areas. Now we are expanding the security function, and there is tremendous opportunity to lead and grow in an environment with a modern tech stack (no Outlook Web Access!).
The Security Operations Engineer role
The Security Operations Engineer will build and lead a modern, lean, and agile security operations capability at Petal by leveraging analytics and automation for hunting, analyzing, and responding to threats. This means starting small by gaining visibility and response capabilities throughout Petal’s environments, then advancing to a security orchestration, automation, and response (SOAR) capability over time.
Key responsibilities:
- Be responsible for threat detection and response, including the ongoing analysis of security events.
- Develop the overall capability to detect and respond to security threats in Petal’s IT and production environments.
- Survey, recommend, and implement the security tooling required for threat detection and response (e.g., SIEM, EDR/XDR, etc).
- Identify and measure meaningful metrics that help to clarify how we can improve our security practices.
- Create procedures/runbooks for incident response.
- Serve as a security subject matter expert, answering questions from our colleagues with kindness and compassion.
- Manage and lead efforts in other security domains (e.g., bug bounty, vulnerability discovery, penetration testing, etc).
Characteristics of a successful candidate:
- Familiarity with security operations challenges and solutions. We need someone who knows how to succeed at security analysis and response. We want them to express a vision for security operations in a modern, agile, cloud-native company. Bonus points for experience across multiple security domains.
- Analytical mindset. More important than any specific tool is a methodical investigative mindset.
- Programmer. We want engineers who can automate the defense and monitoring of Petal's network and cloud infrastructure. We’re a strong believer in writing code to solve mundane problems.
- Strong knowledge of tech platforms. Cloud-native Linux environments, AWS, Macs, Windows, and miscellaneous databases are a sampling of the platforms we must monitor and secure.
- Outstanding communication skills, verbal, written, and visual. We believe in excellent documentation, give frequent internal presentations, and help guide the organization on security best practices.
For our California employment information privacy statement, please click here.