At Midas, we are working on real-life engineering challenges to transform the world of finance.
We’ve transformed investing in Turkey by delivering a seamless experience for everyday investors.
Today, 3.5 million users invest with Midas. Backed by an $80M Series B, the largest fintech investment ever in Turkey, we are scaling faster than ever.
As a Security Engineer, Operations you’ll ensure Midas' security infrastructure operates reliably at scale, enabling 3.5M users to invest with confidence while maintaining zero-downtime security posture.
About Midas Team
- We solve challenging problems and build 10x better products.
- We expect hard work, high ownership, a strong desire to learn.
- We bring the best people, holding high quality standards, and an environment of speed and ambition.
- You will get to push your boundaries and learn from the best.
Results Expected
- Enroll 100% of critical data sources across multiple security products, business applications & cloud services into log management platform by the end of the first quarter of 2026
- Achieve 99.9% security log uptime with 10-minute recovery time by Q2 2026, including automated backup/restore pipelines across all cloud and on-premise environments.
- Protect WAF perimeter with state of the art functionality the WAF platform provides by building & maintaining WAF rules for Midas’ external foothold. Achieve 100% improvement on False Negatives and 80% improvement on False Positives within the first half of 2026 for all enrolled domains.
- Design & enroll CIS benchmark implementation across 100% of production inventory by Q2 2026, maintaining 85%+ compliance score with automated validation and reporting by Q3 2026.
- Be responsible for configuration security across cloud, container, and Active Directory environments; define guardrails, enforce policies, and continuously prove that configurations remain secure, resulting in 0 critical misconfigurations by the end of Q2 2026.
- Convert 80% of recurring operational tasks and incident response playbooks to fully automated jobs resulting 2x improvement on incident response & engineering time costs within the first quarter of 2026
- Implement security telemetry with infrastructure visibility and 5-minute alert response times by Q4 2026, ensuring all security tooling health, performance side-effects and availability.
Cultural Competencies
- Questions assumptions and solves from root causes, not just symptoms — investigates why security incidents happen, not just how to fix them.
- Taking full ownership of security operations end-to-end — doesn't hand off problems, owns the complete solution lifecycle.
- Balances speed and safety — builds fast while maintaining security integrity — delivers rapid incident response without compromising thoroughness.
- Collaborates fluidly across teams; communicates clearly, with empathy and precision.
Technical Competencies
- Security Infrastructure Operations: Design and operate logging pipelines, SIEM integrations, and backup/restore systems that achieve 99.9% uptime targets.
- System Hardening & Compliance: Implement and maintain CIS benchmarks, configuration security policies, and automated compliance validation across hybrid environments.
- Automation & Infrastructure-as-Code: Build security automations using Terraform, Ansible, or similar tools to eliminate manual toil and reduce incident response times.
- Network Security & WAF Management: Configure and optimize WAF rules, firewall policies, and network segmentation to block threats while minimizing false positives.
- Monitoring & Telemetry: Implement comprehensive security monitoring with real-time alerting and health visibility across all security tooling.
- Cross-Platform Security: Secure cloud environments, Kubernetes containers, and Active Directory systems through policy enforcement and continuous monitoring.
