Operational Security Engineer

RootstockLabs builds Bitcoin-secured DeFi infrastructure that enables companies and financial institutions to offer borrowing, lending, investment, and payment solutions at global scale.

- **Operate and continuously improve the security enterprise platforms** through effective controls, detections, monitoring, and incident response. - **Configure and manage IAM, access controls, and contextual access policies** in line with least-privilege principles and secure access standards. - **Manage and maintain the company’s MDM/EDR capabilities**, ensuring endpoint visibility, policy coverage, timely updates, and organization-wide adoption. - **Review new tools, workflows, and third-party integrations**, including SaaS, AI tools, MCPs, and plugins—and provide practical security guidance to reduce operational risk while enabling the business. - Drive and improve the **company’s security awareness program**, helping users operate safely through practical guidance and support. - Monitor emerging **attacks, vulnerabilities, and threat actor tradecraft**, and turn that knowledge into practical defensive improvements across the company. - Apply adversarial thinking and practical threat modeling to identify realistic attack paths and improve operational resilience across user workflows, enterprise tooling, and internal systems. - Help define and improve security policies, standards, best practices, and configuration baselines for internal systems and business tooling.

- Fluency in English. - **Strong hands-on experience securing and operating enterprise SaaS and cloud platforms. Experience with identity and access management, contextual access controls, and secure administration of business-critical systems.** - Experience operating MDM/EDR and other endpoint security controls. - **Experience responding to security incidents, compromises, and breaches. Advanced cybersecurity experience, including exposure to sophisticated threat actors, knowledge of modern attacker tradecraft, and the ability to apply an adversarial mindset to defensive work.** - Experience conducting practical threat modeling with real operational impact. - **Experience assessing the security of third-party tools, integrations, and emerging technologies introduced into the business.** - Ability to perform open-source threat intelligence activities relevant to current threats and company exposure. - Strong communication and cross-functional collaboration skills. - Experience working in Agile environments. ### Nice to have - Experience in FinTech, crypto, or other fast-moving technology environments, with familiarity with blockchain ecosystems and decentralized security challenges. - Experience with Python and/or JavaScript. - Experience with on-chain threat monitoring and forensics. - Experience using AI agents and agentic workflows to improve security operations.

- **Competitive compensation package** and unique benefits designed to support your growth and well-being. - **100% Remote Work from Europe / Latin America**, with access to global CoWorking spaces. - **Work-Life Balance:** Paid vacation and sick leave days. - **Continuous Learning:** Access to training programs, language courses, and learning sponsorship annually. - **Unique Projects:** Work with cutting-edge blockchain technology in a global, diverse team. - **Monthly Allowance** for Contractors to support your connectivity and well-being.

RootstockLabs builds infrastructure for Bitcoin-secured finance, contributing to Rootstock, the largest and longest-running Bitcoin sidechain that enables smart contracts, decentralized applications, and financial services on Bitcoin. They partner with developers, fintechs, and institutions to enable onchain capital markets, lending, borrowing, investment, and cross-border payments. Since 2017, they have focused on extending Bitcoin's functionality for scalable, secure decentralized technologies.