Responsibilities
- Lead the evaluation, implementation, and continuous improvement of cybersecurity controls across the organization to ensure alignment with internal security standards and regulatory requirements.
- Conduct vulnerability assessments and coordinate remediation activities with engineering and infrastructure teams, including risk prioritization, tracking, and reporting.
- Manage and maintain endpoint security controls, including system monitoring, patch management, and security configuration to ensure optimal performance and protection across enterprise environments.
- Configure, manage, and optimize the organization’s mobile device management (MDM) and endpoint protection platforms, ensuring effective coverage and policy enforcement.
- Oversee software deployment, operating system imaging, and patch compliance across enterprise endpoints, ensuring timely updates and adherence to security baselines.
- Monitor, investigate, and respond to security alerts and incidents using SIEM, EDR, and related security tools, ensuring effective containment, remediation, and post-incident analysis.
- Document security monitoring activities, incident investigations, and response actions in ticketing and case management systems to ensure traceability and continuous improvement.
- Collaborate with engineering, IT, and product teams to define, implement, and maintain security baselines and secure configurations across systems and endpoints.
- Participate in the security assessment and due diligence of third-party vendors and service providers, including reviewing security documentation and identifying potential risks.
- Assist in responding to customer security inquiries and completing security questionnaires, supporting sales and customer assurance processes with accurate and timely information.
- Contribute to security awareness initiatives and promote security best practices across the organization.
- Provide guidance and mentorship to junior team members on security operations, endpoint security, and incident response practices.
Requirements
- Degree in Computer Science, Information Security, Information Technology, or a related field.
- 4+ years of experience in cybersecurity, information security, or a related technical role.
- Understanding of networking concepts and protocols, including TCP/IP, DNS, firewalls, VPNs, and network segmentation.
- Hands-on experience in security operations, including endpoint security, vulnerability management, threat detection, and incident response within enterprise environments.
- Practical experience with SIEM, EDR, and centralized logging platforms (e.g., Splunk, Microsoft Sentinel, CrowdStrike, or similar), including alert investigation, detection tuning, and incident analysis.
- Experience with vulnerability management tools (e.g., Nessus, Qualys, OpenVAS) and the ability to interpret scan results, prioritize remediation, and coordinate fixes with engineering or infrastructure teams.
- Ability to develop or maintain automation scripts using PowerShell, Python, or Bash to improve security monitoring, reporting, or operational workflows.
- Familiarity with endpoint management and security technologies, including MDM platforms and endpoint protection solutions.
- Understanding of security best practices, system hardening, and security baselines across operating systems and enterprise environments.
- Strong analytical and problem-solving skills.
- High attention to detail and ability to prioritize tasks in a fast-paced environment.
- Excellent communication and teamwork.
- Eagerness to learn, adapt, and grow in a dynamic cybersecurity team.
Nice to Have
- Professional security certifications, such as CompTIA Security+, Cisco CyberOps Associate/Professional, Azure Security Engineer, Google Professional Cloud Security Engineer, CEH, or similar, are considered a strong advantage.
- Continuous professional development through security certifications, training, industry events, or participation in the cybersecurity community.
Benefits
- Competitive compensation package
- 30 days of paid holiday leave
- One-week exchange policy to another Payhawk office (London, Berlin, Barcelona, Paris, Amsterdam and Vilnius)
- Flexible working hours and opportunity to work from home
- Regular team-wide events
- Additional medical care
- MultiSport card fully funded by us
- Company office massages
- Personal assistant service
- Opportunity to use the Payhawk product (that is, essentially, built by you).
Work Arrangement
Hybrid — New York, London, Berlin, Munich, Barcelona, Paris, Amsterdam, Vilnius, Sofia
Additional Information
- Flexible working hours
- Opportunity to work from home
- One-week exchange policy to another Payhawk office