Posted Jul 12, 2026

Security Operations Engineer

Apply Now

Yellow Card is the largest and first licensed stablecoin-based infrastructure provider, operating in 20 African countries and the emerging markets. Our mission is to empower businesses of all sizes, making it easier for them to make international payments, protect their financial assets, manage their treasury function, and access hard currency liquidity.

We are creating “financial infrastructure that works”, disrupting the financial services industry by offering innovative solutions designed to meet the distinct needs of – and real-world challenges faced on a daily basis by – our customers. Leveraging the power of stablecoins pegged 1:1 to the U.S. dollar (e.g., USDC, USDT, and PYUSD), we deliver our innovative solutions through our commercial trading function, our B2B products (i.e., our Payments API & Treasury Portal).

The Security Operations Engineer is the operational backbone of the Security Operations Centre (SOC). It is a fully remote, hands-on, technical role that owns three tightly integrated domains: security alert design, triaging, and automated response, cloud security posture management across EKS and AWS environments, and posture tracking and reporting.

Reporting to the Associate Director, Product & Infrastructure Security, the engineer works alongside a mature Application Security team and collaborates closely with DevOps, Engineering, and Security GRC functions. The role sits within the First Line of Defense and is expected to progressively drive down manual effort through detection-as-code and SOAR automation.

This is not a perimeter-security or scan-and-report role. The right candidate must be comfortable writing detection logic, triaging cloud misconfigurations at the infrastructure level, and owning end-to-end vulnerability remediation cycles in containerised environments.

Key responsibilities

Duties include, but are not limited to.

1. Security Operations

The engineer owns the full lifecycle of security detection and response inside the SOC, from signal design through to automated containment. This is the primary domain of the role.

Alert design and coverage

Alert triage

Automated response workflows (SOAR)

2. Cloud Security Posture Management

Cloud posture management is the infrastructure-facing domain of the role, covering vulnerability management, identity governance, and configuration and change control. AWS EKS and Serverless resources are the primary environments.

Vulnerability management

Identity and access governance

Configuration and change management

3. Posture Tracking and Reporting

The engineer is the primary data owner for security posture metrics across both SOC and cloud domains. Reporting outputs feed executive dashboards, GRC compliance evidence, and quarterly risk reviews.

KRI data collection

Recurring control reviews

Reporting

Requirements for the role:

Experience and Skills

Qualifications:

What We Offer

Ready to Join Us?

Are you up for the challenge? Apply today and be part of shaping the future of FinTech. Let's innovate, disrupt, and lead together!

Originally posted on