Security Operations Engineer
Quick Summary
Own vulnerability scanning, triage, and remediation tracking, coordinating with engineering teams to make sure patches get deployed.
Experience working in a small, fast-paced security team. Hands-on experience with vulnerability management (CVSS, patch lifecycles) and detection
Arch is a Series B financial technology company that automates the management of private investments, improving access, understanding, and the human experience of investing across asset classes.
Private investments such as venture capital, hedge funds, and private equity, make up roughly 25% of the investment universe. Traditionally, investors, advisors, banks, families, and managers track hundreds of investments in complicated spreadsheets, file folders, and busy inboxes. Not only is this tedious and time-consuming, but it is rife with opportunity for manual data entry errors, inconsistent reporting, and lost information. Enter, Arch.
Arch delivers standardized data, documents, and insights in a single platform, avoiding the need to chase information across dozens or hundreds of ‘portals’. Our purpose is to save investors’ time while empowering them to make more informed investment decisions, leading to better financial outcomes.
We are a fast-growing, dynamic team of 200+, serving over 400 clients, including several of America’s largest banks, families, and financial institutions. We’ve over doubled the size of the company every year since inception and we are looking to hire in all departments as we scale.
As a Security Operations Engineer, you'll join our small, growing security team in a hands-on, execution-focused role supporting our vulnerability management and detection programs. This is a critical role — you'll be the bridge between security findings and engineering teams, making sure our tools, processes, and compliance posture stay effective as Arch scales. You'll work across the organization on a variety of security projects, from vendor due diligence to infrastructure security checks.
Responsibilities
~1 min read- →
Own vulnerability scanning, triage, and remediation tracking, coordinating with engineering teams to make sure patches get deployed.
- →
Maintain our SIEM/SOC stack and build and refine detections for DLP, IoC, and cloud vulnerabilities.
- →
Maintain and improve security logging and audit processes to support SOC 2 and ISO 27001 requirements.
- →
Support the team on infrastructure security checks and assist with security investigations.
- →
Engage in cross-functional projects as a core member of a small, nimble team — including managing vendor security due diligence, refining IT asset management, and owning various security tasks based on team priorities.
Experience working in a small, fast-paced security team.
Hands-on experience with vulnerability management (CVSS, patch lifecycles) and detection engineering (SIEM, log analysis, alerting).
An understanding of security fundamentals (OWASP, NIST, CIS Benchmarks, SOC 2).
Experience with cloud infrastructure security, specifically AWS (IAM, VPC, Secrets Manager).
Proficiency in scripting and automation (Python, Bash, or Go) and basic familiarity with reading code to assist with security investigations or automation tasks.
A collaborative mindset and willingness to tackle a variety of security tasks across the team.
Nice to Have
~1 min readFamiliarity with Infrastructure as Code security (e.g., Terraform) or CI/CD pipeline security and automated scanning tools (e.g., Snyk).
Prior experience with threat modeling or security design reviews.
Relevant industry certifications (e.g., Security+, CISSP, AWS Certified Security).
Most of our full-time roles are based onsite at our New York City office, where our team thrives on in-person collaboration and dynamic teamwork. Being onsite daily enables us to build strong connections, move quickly, and deliver exceptional service to our clients.
For select roles, we are also open to candidates based in Boston. If a role is open to Boston, it will be listed explicitly in the job location.
We encourage applicants who are located in or open to relocating to the listed location to apply and join us in this hands-on, collaborative environment
What We Offer
~1 min readLocation & Eligibility
Listing Details
- Posted
- July 14, 2026
- First seen
- July 14, 2026
- Last seen
- July 14, 2026
Posting Health
- Days active
- 0
- Repost count
- 0
- Trust Level
- 52%
- Scored at
- July 14, 2026
Signal breakdown
Please let arch.co know you found this job on Jobera.
3 other jobs at arch.co
View all →Explore open roles at arch.co.
Similar Security Operations Engineer jobs
View all →Browse Similar Jobs
Stay ahead of the market
Get the latest job openings, salary trends, and hiring insights delivered to your inbox every week.
No spam. Unsubscribe at any time.