Security Engineer, Operations

At Midas, we are working on real-life engineering challenges to transform the world of finance. We’ve transformed investing in Turkey by delivering a seamless experience for everyday investors. Today, 3.5 million users invest with Midas. Backed by an $80M Series B, the largest fintech investment ever in Turkey, we are scaling faster than ever.

As a Security Engineer, Operations you’ll ensure Midas' security infrastructure operates reliably at scale, enabling 3.5M users to invest with confidence while maintaining zero-downtime security posture.

• We solve challenging problems and build 10x better products.
• We expect hard work, high ownership, a strong desire to learn.
• We bring the best people, holding high quality standards, and an environment of speed and ambition.
• You will get to push your boundaries and learn from the best.

• Enroll 100% of critical data sources across multiple security products, business applications & cloud services into log management platform by the end of the first quarter of 2026
• Achieve 99.9% security log uptime with 10-minute recovery time by Q2 2026, including automated backup/restore pipelines across all cloud and on-premise environments.
• Protect WAF perimeter with state of the art functionality the WAF platform provides by building & maintaining WAF rules for Midas’ external foothold. Achieve 100% improvement on False Negatives and 80% improvement on False Positives within the first half of 2026 for all enrolled domains.
• Design & enroll CIS benchmark implementation across 100% of production inventory by Q2 2026, maintaining 85%+ compliance score with automated validation and reporting by Q3 2026.
• Be responsible for configuration security across cloud, container, and Active Directory environments; define guardrails, enforce policies, and continuously prove that configurations remain secure, resulting in 0 critical misconfigurations by the end of Q2 2026.
• Convert 80% of recurring operational tasks and incident response playbooks to fully automated jobs resulting 2x improvement on incident response & engineering time costs within the first quarter of 2026
• Implement security telemetry with infrastructure visibility and 5-minute alert response times by Q4 2026, ensuring all security tooling health, performance side-effects and availability.

• Questions assumptions and solves from root causes, not just symptoms — investigates why security incidents happen, not just how to fix them.
• Taking full ownership of security operations end-to-end — doesn’t hand off problems, owns the complete solution lifecycle.
• Balances speed and safety — builds fast while maintaining security integrity — delivers rapid incident response without compromising thoroughness.
• Collaborates fluidly across teams; communicates clearly, with empathy and precision.

• Security Infrastructure Operations: Design and operate logging pipelines, SIEM integrations, and backup/restore systems that achieve 99.9% uptime targets.
• System Hardening & Compliance: Implement and maintain CIS benchmarks, configuration security policies, and automated compliance validation across hybrid environments.
• Automation & Infrastructure-as-Code: Build security automations using Terraform, Ansible, or similar tools to eliminate manual toil and reduce incident response times.
• Network Security & WAF Management: Configure and optimize WAF rules, firewall policies, and network segmentation to block threats while minimizing false positives.
• Monitoring & Telemetry: Implement comprehensive security monitoring with real-time alerting and health visibility across all security tooling.
• Cross-Platform Security: Secure cloud environments, Kubernetes containers, and Active Directory systems through policy enforcement and continuous monitoring.

Midas Engineering blog posts and tech stack details are available via internal channels and engineering communications at Midas.