InfoSec Engineer

About Us

Hawk is the leading provider of AI-supported anti-money laundering and fraud detection technology. Banks and payment providers globally are using Hawk’s powerful combination of traditional rules and explainable AI to improve the effectiveness of their AML compliance and fraud prevention by identifying more crime while maximizing efficiency by reducing false positives. With our solution, we are playing a vital role in the global fight against Money Laundering, Fraud, or the financing of terrorism. We offer a culture of mutual trust, support and passion – while providing individuals with opportunities to grow professionally and make a difference in the world.

Your Mission:

As a Senior Information Security Engineer at Hawk, your mission is to actively contribute to the security of our products, platforms, and corporate infrastructure. You will be a hands-on technical expert, identifying and mitigating security risks, implementing robust security controls, and driving continuous improvement in our security posture across our global SaaS-like environments, including AWS, Google Cloud, and on-premises deployments. This role is crucial in safeguarding sensitive data and ensuring the integrity, confidentiality, and availability of our systems.

Your Responsibilities:

• Application Security:

  • Perform security code reviews, static application security testing (SAST), and dynamic application security testing (DAST) to identify and remediate vulnerabilities in our applications, particularly within our Kubernetes-based, high-velocity release environment.

  • Collaborate closely with engineering teams to integrate security best practices into the entire Software Development Lifecycle (SDLC) and foster a "security-by-design" mindset.

  • Provide expert guidance on secure coding practices, threat modeling, and security architecture to development teams.

• Cloud & Infrastructure Security:

  • Design, implement, and maintain security controls for our multi-cloud (AWS, Google Cloud) and on-premises infrastructure, with a strong focus on Kubernetes security, network segmentation, identity and access management (IAM), and data protection.

  • Conduct regular security assessments, vulnerability scans, and penetration testing on our cloud environments and critical infrastructure.

  • Automate security processes and controls within our CI/CD pipelines to ensure continuous security validation and compliance.

• Security Operations & Tooling:

  • Evaluate, implement, and manage security tools and technologies, including Cloud Security Posture Management (CSPM), Cloud Workload Protection Platforms (CWPP), and Security Information and Event Management (SIEM) solutions.

  • Develop and maintain security monitoring, alerting, and logging capabilities to detect and respond to security incidents proactively.

  • Participate in security incident response activities, including investigation, containment, and remediation of security breaches.

• Corporate IT Security Support:

  • Provide technical expertise and support for improving corporate IT security, including the implementation of Single Sign-On (SSO), Mobile Device Management (MDM), and Endpoint Detection and Response (EDR) solutions.

  • Collaborate with external IT agencies to ensure security standards are met and effectively managed.

• Vulnerability Management:

  • Support the ongoing vulnerability management program, including the triage, prioritization, and tracking of identified vulnerabilities.

  • Work with engineering teams to ensure timely remediation of critical and high-severity vulnerabilities.

• Continuous Improvement:

  • Stay abreast of the latest security threats, vulnerabilities, technologies, and industry trends, translating this knowledge into actionable security improvements for Hawk.

  • Contribute to the development and refinement of information security policies, standards, and procedures from a technical implementation perspective.

Your Profile:

• Bachelor's degree in Information Security, Computer Science, or a related technical field.

• Minimum of 5 years of hands-on experience in information security, with a strong focus on security engineering, application security, or cloud security.

• Proven expertise in securing cloud environments (AWS, Google Cloud preferred) and deep understanding of Kubernetes security best practices.

• Strong practical experience with security testing methodologies and tools (e.g., SAST, DAST, penetration testing, vulnerability scanning).

• Proficiency in scripting languages (e.g., Python, Bash) for security automation.

• Solid understanding of DevSecOps principles and experience integrating security into CI/CD pipelines.

• Familiarity with security operations, incident response processes, and security monitoring tools (e.g., SIEM, EDR).

• Knowledge of common security frameworks and standards (e.g., NIST, CIS Benchmarks).

• Experience with corporate IT security concepts, including SSO, MDM, and endpoint security.

• Excellent analytical, problem-solving, and troubleshooting skills.

• Strong communication and collaboration skills, with the ability to articulate complex technical concepts to both technical and non-technical audiences.

• Relevant technical certifications such as AWS Security Specialty, Certified Kubernetes Security Specialist (CKS), OSCP, or similar are highly desirable.

• Fluency in English is required; German is a plus.