
SOC L2/L3 Engineer (Solidgate — Fintech)

Genesis, Kyiv, Lviv, Warsaw (Poland)
Source:
jobs.dou.ua

Our Mission and Vision

At Solidgate, our mission is clear: to empower outstanding entrepreneurs to build exceptional internet companies. We exist to fuel the builders — the ones shaping the digital economy — with the financial infrastructure they deserve. To achieve that, we’re on a bold path: to become the #1 payments orchestration platform in the world.

We believe the future of payments is shaped by people who think big, take ownership, and bring curiosity and drive to everything they do. That’s exactly the kind of teammates we want on board.

We’re building the #1 payment orchestrator in the world — and the names behind us prove it. Clients include Bolt, Ajax, Nova Post, MEGOGO. Trusted by giants like J.P. Morgan. Ranked #2 in the “Employer of the Year 2026” award by Forbes Ukraine.

Why This Role Is Critical

Solidgate processes millions of payments across 120+ services, including its own acquiring module, and operates in a regulated environment with real cardholder data and SWIFT connectivity. You’ll define what detection looks like at Solidgate: what gets monitored, what gets detected, and how the team responds when something goes wrong.

What You Will Own

Build and operationalize the SIEM from PoC to production — including case management and UEBA, with full ownership of the technology selection

Design, write, and tune detection rules mapped to MITRE ATT&CK, covering identity compromise, privilege escalation, lateral movement, and endpoint threats

Triage and investigate L2/L3 alerts, reduce false positives, and establish clear escalation paths for each use case

Lead incident response and basic forensics — containment, eradication, and structured lessons learned

Onboard log sources across AWS, JumpCloud, Google Workspace, the CDE (cardholder data environment), and SWIFT

Run threat hunts based on realistic attack hypotheses specific to a payment platform’s risk profile

Build and maintain runbooks and playbooks; automate repetitive actions via SOAR or scripting

Define SOC metrics and own monthly reporting to management on detection coverage and response performance

Our Ideal Candidate

3+ years in SOC / Detection & Response at L2/L3 level, with hands-on investigation experience

Practical experience building or operating a SIEM, including writing and tuning detection rules

Detection engineering with MITRE ATT&CK mapping; confident with KQL, SPL, or equivalent query languages

Experience investigating cloud and endpoint log sources: AWS CloudTrail, GuardDuty, Google Workspace, EDR/XDR telemetry

Scripting and automation skills (Python or similar) for telemetry processing and routine tasks

Solid understanding of attacker techniques and how they manifest in logs — not just tool knowledge, but threat understanding

Structured under pressure: disciplined investigation process, clear documentation, clean post-mortems

The Points That Make You Stand Out

SOAR experience and a detection-as-code approach (detection rules kept under version control, with CI pipelines that test and deploy them)

UEBA, threat intelligence enrichment, or alert contextualization at scale

Familiarity with payment-specific environments — CDE monitoring, SWIFT, PCI DSS context

Purple teaming experience working alongside an offensive security team

Why This Role Is a Career Accelerator

You’ll own the Security Operations direction at Solidgate — this isn’t a slot in someone else’s SOC, it’s yours to build

Real data, real threats — a fintech processing millions of transactions is a genuinely complex detection environment, not a sandbox

You’ll choose the stack: SIEM, SOAR, detection framework — your decisions will shape how Solidgate detects threats for years

Direct path to leading the SOC function and growing the team as the company scales

Hands-on experience at the intersection of cloud-native infrastructure, IR, and detection engineering in a regulated environment — a combination rare outside large enterprises

Why Join Solidgate

Impactful work: you're monitoring and defending financial infrastructure that processes millions of payments
