Security Engineer (Cyber & Internal IT Security Expert)

Full time, Information Technology

Job Description

Join Magnum Grail as our Security Engineer, where you will safeguard cutting-edge fintech solutions and ensure robust security for our internal IT operations. Work alongside top-tier engineers to design, implement, and manage advanced cybersecurity protections across cloud infrastructure, Microsoft 365 environments, and internal business applications. If you are a hands-on security expert who thrives in technical execution, this is your opportunity to make a tangible impact in a high-performance environment.

Take ownership of security at Magnum Grail, ensuring that both our client-facing financial technology and internal corporate IT systems remain secure, compliant, and resilient. You will work directly with the CTO and development teams, managing identity and access, cloud security, incident response, and regulatory compliance while operating at the forefront of cybersecurity innovation.

Key Responsibilities

Infrastructure & Cloud Security

  • Design and maintain secure cloud architectures in AWS/GCP/Azure, enforcing best practices for network segmentation, encryption, and access control.
  • Secure all CI/CD pipelines and infrastructure-as-code deployments, integrating security at every stage of development.

Microsoft 365 & Internal IT Security

  • Administer and enforce security policies across Microsoft 365 services, including Azure AD, Intune, Defender, and Exchange.
  • Implement device management policies (MDM), access controls, and security monitoring to protect employee endpoints and corporate resources.
  • Monitor insider threats, privilege misuse, and data leaks, ensuring all internal business operations follow strict security standards.

Threat Intelligence & Proactive Security

  • Deploy real-time security monitoring and AI-assisted anomaly detection to identify and mitigate cyber threats before they escalate.
  • Conduct regular penetration tests and vulnerability assessments across cloud and internal systems.
  • Implement and fine-tune automated security alerting and response mechanisms to streamline threat detection and mitigation.

Identity & Access Management (IAM) & Zero Trust Security

  • Manage role-based access control (RBAC), multi-factor authentication (MFA), and privileged account security.
  • Enforce Zero Trust Security principles, ensuring strict least-privilege access across all internal and external systems.

Regulatory Compliance & Security Governance

  • Ensure compliance with PSD2, AML, GDPR, ISO 27000 series, and client security requirements by maintaining security policies and technical safeguards.
  • Conduct security audits and assist with compliance reporting for internal and external stakeholders.

Collaboration with Engineering Teams

  • Work directly with developers to secure applications, APIs, and cloud environments, ensuring all new features follow security best practices.
  • Provide security guidance during architecture reviews, software development, and infrastructure scaling efforts.

Candidate Requirements

Professional Experience

8+ years of experience in cybersecurity engineering, working with cloud security, internal IT security, and regulatory compliance.

Prior experience as:

  • System administrator (Windows/Linux security, networking, access management).
  • DevOps engineer (CI/CD security, cloud IAM, secure automation).
  • Security-focused software engineer (secure coding, API security, penetration testing).

Certifications & Technical Expertise

Candidates must hold at least one of the following or an equivalent industry-recognised certification:

Core Cybersecurity Certifications:

  • Certified Information Systems Security Professional (CISSP)
  • Certified Ethical Hacker (CEH)
  • GIAC Security Essentials (GSEC)

Cloud & Identity Security Certifications (for cloud environments and Microsoft 365 security):

  • Certified Cloud Security Professional (CCSP)
  • AWS Certified Security – Specialty
  • Microsoft Certified: Security, Compliance, and Identity (SC-300 or SC-100)

Risk & Compliance Certifications (for regulatory frameworks like GDPR, PSD2, AML, ISO 27000 series):

  • Certified Information Security Manager (CISM)
  • ISO/IEC 27001 Lead Implementer or Lead Auditor
  • Certified Information Systems Auditor (CISA)

Candidates with equivalent certifications or demonstrable experience in penetration testing, security engineering, or compliance auditing will also be considered.

Technical Mastery

  • Expert knowledge of Microsoft 365 security: Azure AD, Intune, Defender, and identity management.
  • Strong expertise in cloud security: AWS, GCP, or Azure security best practices.
  • Proficiency in writing security scripts (Python, PowerShell, Bash) for automation and threat mitigation.
  • Ability to review and understand code for security vulnerabilities, assisting with security audits and penetration testing.

Security & Compliance

  • Familiarity with GDPR, PSD2, AML, ISO 27000 series, and best practices for data privacy and security frameworks.
  • Experience in developing security policies, auditing IT environments, and enforcing security compliance across corporate and cloud infrastructures.

Work Environment & Expectations

  • Hands-on role: This is not a leadership-track position; we need a technical security expert, not a manager.
  • Office-based work: This position is not remote—you must work onsite in Limassol, Cyprus, or Tallinn, Estonia.
  • Collaboration with internal teams: You will work closely with developers, DevOps, and IT teams, ensuring security enhances, rather than hinders, business operations.