PAYOTEK is a mission-driven company dedicated to helping create a world where anyone can belong anywhere. It takes a unified team committed to our core values to achieve this goal. PAYOTEK’s various functions embody the company’s innovative spirit and our fast-moving team is committed to leading as a 21st century company.

Job Summary

PAYOTEK is looking for a highly qualified Security Analyst to join the Compliance Department supporting PAYOTEK’s rapid and sustained global growth. The ideal candidate will have outstanding problem solving skills and enjoys working in a challenging and fast–paced, high-growth environment. Strong attention to detail, ability to meet deadlines consistently and capability to work well under pressure is a must.

Duties &  Responsibilities

• Review security architecture, identify design gaps, and recommend security requirements to internal and external teams.
• Design and evaluate secured cloud architectures and interfaces between internal and external environments, particularly hybrid cloud environments (IaaS, SaaS, etc.).
• Being the subject matter expert on topics related to cyber security for both IT and OT environments.
• Support in creating a security governance framework to adequately measure the security maturity within internal and external business systems/processes.
• Working independently to take up tasks and leading projects that would improve the overall cyber security maturity of the organization.
• Validating security configurations of and access to security infrastructure technology, including firewalls and anti-malware/endpoint protection systems.
• Security assessments of current and prospective vendors and partners, especially those with which we share intellectual property (IP), as well as regulated or other protected data, e.g. software as a service (SaaS) providers, cloud hosting providers, manufacturers, suppliers, etc.
• Initiate and build an overall asset protection program including Zero Trust design principles.
• Support in creating a well-defined cyber security strategy and roadmap.
• Participate in internal and external working groups representing cyber security.

Requirements & Qualifications

• Strong working knowledge of security infrastructure, e.g., firewalls, intrusion prevention systems (IPS), endpoint protection, CASB and DLP.
• Experience and a strong working knowledge of the methodologies to conduct threat-modelling exercises for applications and services.
• Experience designing the deployment of applications and infrastructure into public cloud services.
• Experience with security-related regulatory requirements, such as NIST, PCI, CSA, SOX and ISO 27001.
• Work experience in an international environment – 2 years.
• Strong communication and interpersonal skills.
• Fluent English language skills (written and spoken) and German would be good to have.
• Proactive and solution oriented independent working approach.
• Identify and implement new security technologies and best practices into Cloud offerings.
• Evaluates new technologies against established requirements and validate the security of the technology.
• Create technical and managerial level reports and risk assessments for Cloud based applications and infrastructure.
• Identify processes/procedures for how to handle a cloud security event, including forensic isolation and mitigation with Digital Forensics and Incident Response (DFIR/IR) teams.
• Supports the monitoring and maintaining network security suite of tools.
• Identify new security threats by conducting continual monitoring, penetration testing, vulnerability assessments and log analysis.