Top Benefits
About the role
Who are we?
At Finastra, we are a dynamic global provider of open finance software solutions, dedicated to expanding access to financial services. Our innovative applications span Lending, Payments, Treasury and Capital Markets, and Universal Banking. Proudly serving over 8,000 customers, including 45 of the world's top 50 banks, we aim to boost financial inclusion for all. Join us and be part of a vibrant company that embraces diverse perspectives and is committed to doing well by doing good.
What will you contribute to?
We are seeking an experienced Senior Cybersecurity Detection Engineer to join our security team within the financial services sector. This role plays a critical part in strengthening our detection and response capabilities by leading SIEM operations, developing advanced detection logic, and ensuring the organization’s defenses remain ahead of evolving threats. You will serve as a senior technical lead and subject matter expert, with a direct impact on the security of sensitive financial systems and data.
Responsibilities & Deliverables:
- Lead the operationalization of our SIEM platform (e.g., Splunk, QRadar, Azure Sentinel, etc.) including log onboarding, parsing, correlation rule development, and alert tuning
- Act as the technical authority on detection engineering, guiding architecture, configuration, and continuous improvement of detection capabilities across financial systems and services
- Own, manage, and oversee end-to-end SIEM operations processes, including log source integration, parsing, and normalization
- Design, build, and optimize high-fidelity detection rules and use cases aligned with MITRE ATT&CK, threat models, or other threat intelligence
- Collaborate closely with audit, threat intelligence, and SOC teams to ensure regulatory and risk-based coverage
- Continuously improve detection performance by building feedback loops, analyzing detection efficacy, mapping detection sources to use cases, and preforming rule tuning and optimization to reduce false positives and increase fidelity
- Act as the primary technical liaison with an MSSP delivering Managed XDR services, ensuring quality of detections, tuning alerts, and optimizing response workflows
- Integrate and build detection use cases to enable monitoring of financial application logs (e.g., SWIFT, trading platforms, core banking systems) and support compliance with FFIEC, SOX, GLBA, PCI-DSS, and other relevant standards
- Provide senior-level mentorship to junior engineers and analysts, while also driving cross-functional initiatives across IT, audit, and risk functions
- Conduct regular detection effectiveness assessments, red/blue/purple team exercises, and gap analysis tailored to threats specific to the company and FinTech space
- Operationalize and continuously mature the organization's SIEM program, establishing KPIs and optimizing detection pipelines
- Stay current on threat actor behavior targeting financial services and leverage this intelligence to enhance detection logic and response readiness
Knowledge / Skills:
- 8+ years of experience in cybersecurity, with a focus on detection engineering, threat monitoring, or security operations within the finance industry or highly regulated environments
- Strong hands-on experience with SIEM platforms, including log ingestion, parsing, rule development, and content lifecycle management
- Demonstrated ability to operationalize Cyber Security programs, including KPI creation, dashboarding, alert tuning, and process documentation
- Experience leverage CI/CD pipelines for version control, automated testing and deployment of detection content, to ensure consistent and high-quality detection logic (GitHub, GitLab, Jenkins, DevOps, etc.)
- Working experience conducting log source analysis and mapping telemetry to detection requirements, or other gap analysis
- Proficiency in detection query languages (e.g., KQL, SPL, AQL) and scripting (Python or PowerShell)
- Knowledge of regulatory requirements and frameworks impacting the financial industry (e.g., FFIEC, GLBA, NIST 800-53)
- Direct Experience working with an MSSP delivering Managed XDR/Managed SIEM environments, including co-managed alerting and response processes
- Experience with SOAR platforms and automation of detection and response workflows
- Exposure to cloud environments (AWS, Azure, GCP) and corresponding logging and detection capabilities
- Excellent communication and collaboration skills, with the ability to drive security initiatives across diverse stakeholders
Education / Certifications:
- Bachelor's degree from an accredited college or university, or equivalent experience. A degree in Computer Science, Computer/Data Systems Management or a related field or discipline is preferred but not required
- Certification in one or more of the following areas is desired but not required: Certified Information Security Professional (CISSP), Certified Cloud Security Professional (CCSP), Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM)
We are proud to offer a range of incentives to our employees worldwide. These benefits are available to everyone, regardless of grade, and reflect the values we uphold:
· Flexibility: Enjoy unlimited vacation, based on your location and business priorities. Hybrid working arrangements, and inclusive policies such as paid time off for voting, bereavement, and sick leave.
· Well-being: Access confidential one-on-one therapy through our Employee Assistance Program, unlimited personalized coaching via our coaching app, and access to our Gather Groups for emotional and mental support.
· Medical, life & disability insurance, retirement plan, lifestyle and other benefits*
· ESG: Benefit from paid time off for volunteering and donation matching.
· DEI : Participate in multiple DE&I groups for open involvement (e.g., Count Me In, Culture@Finastra, Proud@Finastra, Disabilities@Finastra, Women@Finastra).
· Career Development: Access online learning and accredited courses through our Skills & Career Navigator tool.
· Recognition: Be part of our global recognition program, Finastra Celebrates, and contribute to regular employee surveys to help shape Finastra and foster a culture where everyone is engaged and empowered to perform at their best.
- Specific benefits may vary by location.
At Finastra, each individual is unique, bringing their own ideas, thoughts, cultural beliefs, backgrounds, and experiences together. We learn from one another, embrace and celebrate our differences, and create an environment where everyone feels safe to be themselves.
Be unique, be exceptional, and help us make a difference at Finastra!
Finastra is committed to providing accessible employment practices that are in compliance with the Accessibility for Ontarians with Disabilities Act (AODA). We will accommodate applicants' needs upon request, throughout all stages of the recruitment process. Please inform us of the accommodation(s) that you may require. Information received related to accommodation will be addressed confidentially.
Top Benefits
About the role
Who are we?
At Finastra, we are a dynamic global provider of open finance software solutions, dedicated to expanding access to financial services. Our innovative applications span Lending, Payments, Treasury and Capital Markets, and Universal Banking. Proudly serving over 8,000 customers, including 45 of the world's top 50 banks, we aim to boost financial inclusion for all. Join us and be part of a vibrant company that embraces diverse perspectives and is committed to doing well by doing good.
What will you contribute to?
We are seeking an experienced Senior Cybersecurity Detection Engineer to join our security team within the financial services sector. This role plays a critical part in strengthening our detection and response capabilities by leading SIEM operations, developing advanced detection logic, and ensuring the organization’s defenses remain ahead of evolving threats. You will serve as a senior technical lead and subject matter expert, with a direct impact on the security of sensitive financial systems and data.
Responsibilities & Deliverables:
- Lead the operationalization of our SIEM platform (e.g., Splunk, QRadar, Azure Sentinel, etc.) including log onboarding, parsing, correlation rule development, and alert tuning
- Act as the technical authority on detection engineering, guiding architecture, configuration, and continuous improvement of detection capabilities across financial systems and services
- Own, manage, and oversee end-to-end SIEM operations processes, including log source integration, parsing, and normalization
- Design, build, and optimize high-fidelity detection rules and use cases aligned with MITRE ATT&CK, threat models, or other threat intelligence
- Collaborate closely with audit, threat intelligence, and SOC teams to ensure regulatory and risk-based coverage
- Continuously improve detection performance by building feedback loops, analyzing detection efficacy, mapping detection sources to use cases, and preforming rule tuning and optimization to reduce false positives and increase fidelity
- Act as the primary technical liaison with an MSSP delivering Managed XDR services, ensuring quality of detections, tuning alerts, and optimizing response workflows
- Integrate and build detection use cases to enable monitoring of financial application logs (e.g., SWIFT, trading platforms, core banking systems) and support compliance with FFIEC, SOX, GLBA, PCI-DSS, and other relevant standards
- Provide senior-level mentorship to junior engineers and analysts, while also driving cross-functional initiatives across IT, audit, and risk functions
- Conduct regular detection effectiveness assessments, red/blue/purple team exercises, and gap analysis tailored to threats specific to the company and FinTech space
- Operationalize and continuously mature the organization's SIEM program, establishing KPIs and optimizing detection pipelines
- Stay current on threat actor behavior targeting financial services and leverage this intelligence to enhance detection logic and response readiness
Knowledge / Skills:
- 8+ years of experience in cybersecurity, with a focus on detection engineering, threat monitoring, or security operations within the finance industry or highly regulated environments
- Strong hands-on experience with SIEM platforms, including log ingestion, parsing, rule development, and content lifecycle management
- Demonstrated ability to operationalize Cyber Security programs, including KPI creation, dashboarding, alert tuning, and process documentation
- Experience leverage CI/CD pipelines for version control, automated testing and deployment of detection content, to ensure consistent and high-quality detection logic (GitHub, GitLab, Jenkins, DevOps, etc.)
- Working experience conducting log source analysis and mapping telemetry to detection requirements, or other gap analysis
- Proficiency in detection query languages (e.g., KQL, SPL, AQL) and scripting (Python or PowerShell)
- Knowledge of regulatory requirements and frameworks impacting the financial industry (e.g., FFIEC, GLBA, NIST 800-53)
- Direct Experience working with an MSSP delivering Managed XDR/Managed SIEM environments, including co-managed alerting and response processes
- Experience with SOAR platforms and automation of detection and response workflows
- Exposure to cloud environments (AWS, Azure, GCP) and corresponding logging and detection capabilities
- Excellent communication and collaboration skills, with the ability to drive security initiatives across diverse stakeholders
Education / Certifications:
- Bachelor's degree from an accredited college or university, or equivalent experience. A degree in Computer Science, Computer/Data Systems Management or a related field or discipline is preferred but not required
- Certification in one or more of the following areas is desired but not required: Certified Information Security Professional (CISSP), Certified Cloud Security Professional (CCSP), Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM)
We are proud to offer a range of incentives to our employees worldwide. These benefits are available to everyone, regardless of grade, and reflect the values we uphold:
· Flexibility: Enjoy unlimited vacation, based on your location and business priorities. Hybrid working arrangements, and inclusive policies such as paid time off for voting, bereavement, and sick leave.
· Well-being: Access confidential one-on-one therapy through our Employee Assistance Program, unlimited personalized coaching via our coaching app, and access to our Gather Groups for emotional and mental support.
· Medical, life & disability insurance, retirement plan, lifestyle and other benefits*
· ESG: Benefit from paid time off for volunteering and donation matching.
· DEI : Participate in multiple DE&I groups for open involvement (e.g., Count Me In, Culture@Finastra, Proud@Finastra, Disabilities@Finastra, Women@Finastra).
· Career Development: Access online learning and accredited courses through our Skills & Career Navigator tool.
· Recognition: Be part of our global recognition program, Finastra Celebrates, and contribute to regular employee surveys to help shape Finastra and foster a culture where everyone is engaged and empowered to perform at their best.
- Specific benefits may vary by location.
At Finastra, each individual is unique, bringing their own ideas, thoughts, cultural beliefs, backgrounds, and experiences together. We learn from one another, embrace and celebrate our differences, and create an environment where everyone feels safe to be themselves.
Be unique, be exceptional, and help us make a difference at Finastra!
Finastra is committed to providing accessible employment practices that are in compliance with the Accessibility for Ontarians with Disabilities Act (AODA). We will accommodate applicants' needs upon request, throughout all stages of the recruitment process. Please inform us of the accommodation(s) that you may require. Information received related to accommodation will be addressed confidentially.