Senior Information Security Analyst

About Us 

Hawk is the leading provider of AI-supported anti-money laundering and fraud detection technology. Banks and payment providers globally are using Hawk's powerful combination of traditional rules and explainable AI to improve the effectiveness of their AML compliance and fraud prevention by identifying more crime while maximizing efficiency by reducing false positives. With our solution, we are playing a vital role in the global fight against Money Laundering, Fraud, or the financing of terrorism. We offer a culture of mutual trust, support and passion – while providing individuals with opportunities to grow professionally and make a difference in the world. 

Your Mission:

We are seeking a highly skilled and technically strong (Senior) Information Security Analyst to join Hawk's Information Security function. This role is critical to maintaining trust with our customers, supporting pre-sales and sales engagements, and ensuring Hawk remains compliant with security standards such as ISO 27001.

You will act as a key technical and communication bridge between customers, auditors, internal teams, and our security tooling landscape. From managing security enquiries and RFPs to strengthening our ISMS and improving endpoint and access security, you will play a vital role in safeguarding Hawk's platform, data, and operations.

This is an ideal opportunity for someone who combines deep technical capability, excellent communication skills, and strong security fundamentals, with the ability to operate confidently with both technical and non-technical stakeholders. Fluent German is essential for this role due to regular engagement with German-speaking customers.

Key Responsibilities:

Customer & Pre-Sales Security Support

• Respond to security questionnaires, RFPs, and due-diligence requests in collaboration with Sales and Pre-Sales.

• Participate in customer calls to explain Hawk's security posture and answer technical, compliance, and infrastructure-related questions.

• Represent Hawk's security capabilities clearly and confidently to regulated financial institutions.

ISMS & Compliance (ISO 27001)

• Support the ongoing operation and improvement of Hawk's ISMS, ensuring alignment with ISO 27001 controls and underlying processes.

• Assist in internal audits, evidence gathering, and risk assessments.

• Help maintain certification readiness by driving documentation, process adherence, and corrective actions.

Security Tooling & IT Security Operations

• Provide operational support for core IT & security tools, including JumpCloud (SSO/IdP), MDM, endpoint policies, and access management workflows.

• Support the roadmap toward centralized, secure workstation management — monitoring, controlling, and updating all endpoints across macOS, Windows, and Linux.

• Assist in evaluating and managing security-related 3rd party SaaS tools used across the business.

Platform & 3rd-Party Security Oversight

• Monitor the security posture of Hawk's corporate tools, infrastructure, and integrations.

• Support vendor assessments and due diligence for security-related tools.

• Collaborate with Engineering, IT, and InfoSec to strengthen platform and enterprise security baselines.

Cross-Functional Collaboration & Stakeholder Communication

• Work closely with Information Security, IT, Engineering, Sales, Customer Success, and Procurement teams.

• Translate complex technical and security concepts into clear explanations for both technical and non-technical audiences.

• Contribute to internal security awareness, documentation, and operational processes.

Your Profile:

Technical Experience & Skills:

• 5+ years of hands-on experience in Information Security, IT Security, or System Administration within a B2B tech or SaaS environment.

• Strong technical competence across multiple operating systems (macOS, Windows, Linux) including admin-level experience.

• Experience with identity and access management tools (e.g., JumpCloud, Okta), MDM solutions, and enterprise security platforms.

• Solid understanding of IT security fundamentals, including authentication, endpoint security, encryption, and network basics.

• Familiarity with ISO 27001 or ISMS operations; experience supporting audits or certification maintenance.

• Basic security certifications (e.g., CompTIA Security+, CEH) are highly desirable.

Communication & Stakeholder Management:

• Fluent German and English — mandatory due to regular customer-facing security discussions.

• Ability to articulate complex technical issues clearly to diverse audiences (engineers, customers, auditors, leadership).

• Strong documentation skills with attention to accuracy and clarity.

Bonus:

• Experience supporting security RFPs, due-diligence calls, or regulated financial customers.

• Exposure to 3rd-party risk management or SaaS security tooling.

• A proactive, structured, and collaborative approach.

• Ability to balance multiple priorities and operate effectively in a fast-paced environment.