Galaxy Ventures

Security Operations Engineer

Front Finance

Operations
Bengaluru, Karnataka, India
Posted on Mar 30, 2026

About Mesh

At Mesh, our mission is to enable consumers to pay and be paid with any asset. Today, trillions of dollars in tokenized assets exist but remain largely unusable for everyday commerce. Mesh is bridging this gap by making crypto payments reliable, useful, and ubiquitous. We combine a powerful orchestration engine with a seamless consumer app to unlock liquidity for the world. Backed by leading investors like PayPal Ventures, Paradigm, and Galaxy Ventures, we are building the infrastructure for the next era of the global economy. Join us!

Overview

As a Security Operations Engineer, you will be the day-to-day operator and custodian of our security monitoring infrastructure, responsible for writing and tuning detections, integrating new log sources, investigating security incidents, and escalating threats with precision and speed. This is a hands-on technical role where you own the security operations platform (SIEM/SOAR), build detection logic that catches real threats, and drive rapid incident response across our infrastructure. You will work autonomously to maintain visibility across the organization's security posture, identify emerging threats, and ensure that detection rules evolve as our threat landscape changes. This role bridges security engineering and incident response, requiring both technical depth in detection engineering and operational discipline in investigation and escalation workflows.

What You'll Do

  • Own Security Operations Platform Management by administering, configuring, and maintaining SIEM/SOAR platforms as the central nervous system for threat detection and incident response.
  • Engineer Detection Rules and Alerts by writing, tuning, and optimizing detection queries to identify real security threats while minimizing false positives.
  • Integrate New Log Sources by designing and implementing parsers, log ingestion pipelines, and data normalization for new security tools and infrastructure components.
  • Conduct Security Investigations by analyzing alerts, performing forensic analysis of security events, and determining true positive vs. false positive findings.
  • Manage Incident Escalation by evaluating incident severity, escalating to senior engineers when needed, and maintaining clear communication with stakeholders during active incidents.
  • Maintain Detection Coverage by continuously assessing detection gaps, analyzing threat intelligence for emerging attack patterns, and extending detection rules to address new threats.
  • Optimize Security Operations by identifying bottlenecks in alerting and investigation workflows, proposing process improvements, and implementing automation to reduce mean-time-to-detect (MTTD) and mean-time-to-respond (MTTR).
  • Document Investigations and Incidents by creating clear, detailed incident reports that support post-incident reviews and contribute to institutional knowledge.
  • Collaborate on Threat Response by working with security engineers, infrastructure teams, and incident responders to contain and remediate active threats.
  • Support Compliance and Evidence Collection by ensuring security events are properly logged, archived, and available for audit and regulatory requirements.
  • Maintain Operational Readiness by staying current on emerging threats, attack techniques, and detection methodologies relevant to our infrastructure and threat model.

Who You Are

  • Bachelor’s degree in Computer Science, Cybersecurity or a related field.
  • 5–7+ years of hands-on experience in security operations, threat detection or incident response.
  • Strong experience administering and tuning SIEM/SOAR platforms in production environments.
  • Proven ability to write and optimize detection rules (e.g. SPL, KQL or similar query languages).
  • Deep understanding of network, host, application and cloud security concepts.
  • Solid experience investigating security incidents and performing forensic analysis.
  • Strong written and verbal communication skills, with the ability to clearly document findings and escalate issues.
  • Ability to work independently with minimal supervision in a fast-paced environment.
  • Experience collaborating with small, international teams across multiple time zones.
  • Willingness to work outside normal business hours when needed for incident response.

Nice to have

  • Hands-on experience with SIEM platforms at scale (Sumo Logic, Splunk, Azure Sentinel, Datadog or similar).
  • Expertise in detection engineering frameworks and threat-informed detection methodologies.
  • Experience integrating security tools and log sources into centralized monitoring platforms.
  • Familiarity with MITRE ATT&CK and translating threat intelligence into detection logic.
  • Experience with cloud security monitoring (AWS, Azure, GCP) and native security services.
  • Exposure to containerized environments (Docker, Kubernetes) and securing cloud-native workloads.
  • Familiarity with security and compliance frameworks (ISO 27001/2, NIST, SOC2, GDPR, DORA).
  • Experience with at least one object-oriented programming language; Python preferred.
  • Experience with at least one query language such as Kusto Query Language (KQL) or similar.

Why You’ll Love It Here

At Mesh, you're not stepping into a typical role—you're joining a rocket ship in mid-liftoff. You'll tackle complex, meaningful problems that actually move an industry forward, working alongside a sharp, motivated team that moves quickly, collaborates deeply, and expects everyone to operate with ownership. This is the kind of place where you'll see your work ship fast, make real impact, and be able to point to something and say, "I built that." You'll grow fast, level up your skills, and get a front-row seat to how a high-growth company scales from the inside, with competitive comp, solid benefits, and room to stretch your craft all coming standard. If you're energized by building, learning, and shaping something big—this is where you'll want to be.

In-Office Expectations

Employees based in our San Francisco, New York, and Bangalore hubs are expected to work from the office at least 40% of the time (approximately two days per week). This expectation may vary slightly depending on role, team, and business needs. Certain roles that require closer cross-functional collaboration or operational support may have additional in-office requirements, which will be discussed during the interview process. Our hybrid approach is designed to balance meaningful in-person collaboration, team building, and real-time decision-making with the flexibility to work remotely. We believe this structure supports strong execution while preserving autonomy and focus time.

How We Care For Our Team

We believe great work happens when people feel valued and supported. That starts with competitive salary and equity that grows as you and the company grow, plus comprehensive health coverage for you and your family. We offer unlimited PTO—and we mean it. Take the time you need to recharge and show up at your best.

We're invested in your growth with a dedicated budget for courses, conferences, and certifications. Work from wherever you're most productive with our remote-friendly approach, and count on having the top-tier tools and equipment you need to do exceptional work.

Mesh Pay is committed to equal employment opportunities regardless of race, color, genetic information, creed, religion, sex, sexual orientation, gender identity, lawful alien status, national origin, age, marital status, and non-job related physical or mental disability, or protected veteran status. Pursuant to the San Francisco Fair Chance Ordinance, we will consider for employment qualified applicants with arrest and conviction records.