Sofia Hybrid Full-time

Payhawk is hiring a Security Engineer

Responsibilities

  • Lead the evaluation, implementation, and continuous improvement of cybersecurity controls across the organization to ensure alignment with internal security standards and regulatory requirements.
  • Conduct vulnerability assessments and coordinate remediation activities with engineering and infrastructure teams, including risk prioritization, tracking, and reporting.
  • Manage and maintain endpoint security controls, including system monitoring, patch management, and security configuration to ensure optimal performance and protection across enterprise environments.
  • Configure, manage, and optimize the organization’s mobile device management (MDM) and endpoint protection platforms, ensuring effective coverage and policy enforcement.
  • Oversee software deployment, operating system imaging, and patch compliance across enterprise endpoints, ensuring timely updates and adherence to security baselines.
  • Monitor, investigate, and respond to security alerts and incidents using SIEM, EDR, and related security tools, ensuring effective containment, remediation, and post-incident analysis.
  • Document security monitoring activities, incident investigations, and response actions in ticketing and case management systems to ensure traceability and continuous improvement.
  • Collaborate with engineering, IT, and product teams to define, implement, and maintain security baselines and secure configurations across systems and endpoints.
  • Participate in the security assessment and due diligence of third-party vendors and service providers, including reviewing security documentation and identifying potential risks.
  • Assist in responding to customer security inquiries and completing security questionnaires, supporting sales and customer assurance processes with accurate and timely information.
  • Contribute to security awareness initiatives and promote security best practices across the organization.
  • Provide guidance and mentorship to junior team members on security operations, endpoint security, and incident response practices.

Requirements

  • Degree in Computer Science, Information Security, Information Technology, or a related field.
  • 4+ years of experience in cybersecurity, information security, or a related technical role.
  • Understanding of networking concepts and protocols, including TCP/IP, DNS, firewalls, VPNs, and network segmentation.
  • Hands-on experience in security operations, including endpoint security, vulnerability management, threat detection, and incident response within enterprise environments.
  • Practical experience with SIEM, EDR, and centralized logging platforms (e.g., Splunk, Microsoft Sentinel, CrowdStrike, or similar), including alert investigation, detection tuning, and incident analysis.
  • Experience with vulnerability management tools (e.g., Nessus, Qualys, OpenVAS) and the ability to interpret scan results, prioritize remediation, and coordinate fixes with engineering or infrastructure teams.
  • Ability to develop or maintain automation scripts using PowerShell, Python, or Bash to improve security monitoring, reporting, or operational workflows.
  • Familiarity with endpoint management and security technologies, including MDM platforms and endpoint protection solutions.
  • Understanding of security best practices, system hardening, and security baselines across operating systems and enterprise environments.
  • Strong analytical and problem-solving skills
  • High attention to detail and ability to prioritize tasks in a fast-paced environment
  • Excellent communication and teamwork
  • Eagerness to learn, adapt, and grow in a dynamic cybersecurity team.

Nice to Have

  • Professional security certifications are considered a strong advantage, such as CompTIA Security+, Cisco CyberOps Associate/Professional, Azure Security Engineer, Google Professional Cloud Security Engineer, CEH, or similar security certifications.
  • Continuous professional development through security certifications, training, industry events, or participation in the cybersecurity community.

Benefits

  • Competitive compensation package
  • 30 days holiday paid leave
  • One week exchange policy to another Payhawk office (London, Berlin, Barcelona, Paris, Amsterdam and Vilnius)
  • Flexible working hours and opportunity to work from home
  • Regular team-wide events
  • Additional medical care
  • MultiSport card fully funded by us
  • Company office massages
  • Personal assistant service
  • Opportunity to use the Payhawk product (that is, essentially, built by you).

Work Arrangement

Hybrid — New York, London, Berlin, Munich, Barcelona, Paris, Amsterdam, Vilnius, Sofia

Additional Information

  • Flexible working hours
  • Opportunity to work from home
  • One week exchange policy to another Payhawk office
Required Skills
Information SecurityEDR
About company
Payhawk

Payhawk is an AI-native spend management platform that brings together bills, cards, expenses, travel, and procurement for global teams. The platform empowers finance teams with control, automation, and savings while enabling effortless spending for employees.

With features like corporate cards, business accounts, expense management, accounts payable, and AI-powered workflow orchestration, Payhawk streamlines financial operations across borders and currencies. The platform is designed to give real-time budget tracking, multi-entity management, and seamless integrations with existing finance stacks.

Trusted by forward-thinking finance leaders in over 32 countries, Payhawk aims to transform how businesses manage and gain visibility into their spending.

All jobs at Payhawk Visit website
Job Details
Department IT & Security Team
Category security
Posted 2 hours ago