Director, Security Operations

Director, Security Operations at CoinDCX

The CoinDCX Journey: Building the Future of Finance

At CoinDCX, our mission is clear - to make crypto and blockchain accessible to every Indian and enable them to participate in the future of finance. As India’s first crypto unicorn valued at $2.45B, we are reshaping the financial ecosystem by building safe, transparent, and scalable products that power adoption at scale. We believe that change starts together. It begins with bold ideas, relentless execution and people who want to build what’s next. If you’re driven by purpose and thrive in environments where your work defines the next chapter of an industry, you’ll feel right at home here.

About the Role

This isn’t a typical Security Operations role. You will work on initiatives that directly shape the security, trust, and resilience of one of India’s leading crypto platforms. We are seeking a Director, Security Operations to lead day-to-day security operations for a fast-growing crypto exchange serving millions of users. This high-impact role combines incident response leadership, threat intelligence, detection and response, and operational excellence at scale. You will lead a high-performing in-house SOC team and drive seamless collaboration with MSSP partners.

What You'll Do

• Lead and mentor the SOC team, ensuring 24/7 operational readiness and world-class incident response capability.
• Oversee daily SOC operations, team workload balancing, escalation management, and operational KPIs.
• Manage the relationship and SLAs with MDR service providers, ensuring quality detection, triage, and response actions.
• Lead joint investigations with MDR analysts and ensure timely, high-fidelity escalations to internal teams.
• Continuously evaluate MDR service performance, tuning, use case coverage, and responsiveness.
• Oversee in-house threat intelligence operations, including crypto-focused threat monitoring, dark-web surveillance, TTP tracking, and reporting.
• Translate threat intel into actionable detections and scenario-driven content (IOCs, behavioral analytics, correlation rules).
• Own the detection engineering lifecycle: use case development, content tuning, signature management, alert pipeline optimization.
• Lead end-to-end incident response for security and privacy events—from triage to remediation to executive communication.
• Serve as Incident Commander during major incidents, coordinating across Legal, Privacy, Engineering, Compliance, Comms, and Exec leadership.
• Drive the creation and maintenance of IR playbooks, tabletop exercises, crisis workflows, and post-incident improvement plans.
• Oversee and guide SIEM/SOAR strategy, engineering backlog, and platform maturity.
• Prioritize and validate log source onboarding, enrichment pipelines, and quality of telemetry feeding detection logic.
• Work with DevOps, Cloud, and Engineering teams to ensure consistent log ingestion from critical systems (blockchain infrastructure, trading engines, wallet services, identity/auth services, cloud infrastructure).
• Champion automation and SOAR playbooks to reduce response time and analyst workload.
• Develop SOC processes, playbooks, metrics, dashboards, and reporting for executive visibility.
• Identify operational gaps, propose solutions, and drive cross-functional improvements in tooling, processes, and team skills.
• Partner with cross functional teams to embed detection and response capabilities in existing and new services.

You’ll Excel in This Role If You Have

• 12+ years in Security Operations, Threat Detection and Response, or Incident Response, with at least 3+ years in a SOC leadership role.
• Proven experience in managing the MSSP partners.
• Strong understanding of modern threats, attacker TTPs (MITRE ATT&CK), malware, exploitation techniques, third-party and cloud-native security risks.
• Hands-on experience with SIEM/SOAR platforms and log architecture.
• Deep understanding of log sources such as AWS Guard Duty, Cloud trail, VPC Flow logs, EDR, WAF, Firewall, IAM, API gateways, blockchain transaction services, cloud telemetry, and network sensors.
• Ability to evaluate detection quality, validate alerts, and guide engineering teams on tuning and enrichment.
• Strong grasp of IR frameworks (NIST 800-61, SANS), threat intel methodologies, and cyber kill chain models.
• Experience developing IR playbooks, tabletop exercises, and SOC operational metrics.
• Strong communication skills, capable of translating technical findings into clear executive-level insights.
• Experience building high-performing teams, mentoring analysts, and defining clear operational processes.
• Familiarity with automation, scripting, or orchestration concepts and comfortable working with internal teams and external regulators.

You’ll Know You’re Winning When

• Analytical Rigor: Exceptional problem-solving skills and attention to detail.
• Technical Excellence: Ability to bridge quantitative research and engineering implementation.
• Strategic Thinking: Can balance short-term tactical improvements with long-term strategic goals.
• Collaboration: Excellent communication skills to work across quant, product, and engineering teams.
• Adaptability: Thrives in fast-paced, dynamic crypto markets with rapidly changing conditions.
• Ownership: Takes full accountability for market quality and strategy performance.

Hiring Process

Here’s what your journey with us looks like:

• Application Review – We assess for skills, alignment, and intent.
• Recruiter Connect – A short conversation to understand you better.
• Functional Round(s) – Deep dive into your approach, craft, and problem-solving.
• Assignment / Simulation Round – A take-home task or live problem-solving exercise to understand how you think and execute in real scenarios.
• Culture & Values Discussion – A conversation to understand our ways of working and how you thrive best.
• Founder Conversation (Optional) – For certain roles and senior levels, you may meet our founders to explore strategic alignment and long-term fit.

Where We Work

We believe the best ideas emerge when people build together. Collaboration, speed and trust come alive when teams share the same space. With this belief, we operate as a work-from-office organisation. This role is based out of our Bangalore office, where energy, alignment and innovation move in real time.

Perks That Empower You

We believe great people deserve great experiences.

• Design Your Own Benefits: Flexible perks to match your lifestyle.
• Unlimited Wellness Leaves: Rest and recharge as you need.
• Mental Wellness Support: Access to therapy and wellness resources.
• Learning Sessions: Bi-weekly learning and growth opportunities.

Ready to Build What’s Next?

If you’re looking for a role that gives you direct access to high-stakes decisions, deep impact and a chance to build the future of finance, this is it. Join CoinDCX and help us make crypto accessible to every Indian, together.

Key skills/competency

• Security Operations
• Incident Response
• Threat Detection
• SOC Leadership
• SIEM/SOAR
• Threat Intelligence
• Log Analysis
• Cloud Security
• MITRE ATT&CK
• Automation