Cyber Security Engineer

About the company

Pago is the smart way to manage your payments: get them all in one app, organized by due date in one screen. #PagoApp

Who We Are

Say hello to Pago - the go-to app for household payments in Romania We're on a mission to expand our success to Poland, Italy, and beyond over the next five years. Our users' aha moment is seeing all their bills on one screen and paying them all with just one confirmation.

Our mission is to help people better manage and pay their utility bills. Since launching in 2017, we've processed a whopping 30 million payments, totaling over 4.5 billion Lei. Check out our exciting journey in our more detailed Seedblink campaign video.

Join our team of 45 developers, designers, marketers, support, and business development as we continue our mission. We're gearing up to grow to over 60 amazing people in the next 12 months as we're looking to accelerate our growth in several countries.

We're Hiring: Cybersecurity Engineer

We are looking for a hands-on Cybersecurity Engineer who will help us secure our systems, detect and respond to threats, and strengthen our security foundation.

Why Join Us?

For Your Growth

• Impact: Play a key role in securing a fast-growing scaleup, where your decisions directly influence business.
• Exposure: Gain deep experience with tools and regulatory frameworks (NBR, ISO 27001, DORA, NIS2) that will accelerate your career.
• Learning: Get an annual certification stipend to accelerate your learning.

For Working in a Great Environment

• Receive a competitive fee.
• Work in a friendly environment - a good vibe goes a long way even when things go the other way.
• Have more than enough paid leave days; we know that being in the right state of mind brings the best results.
• Embrace flexibility – You have the freedom to decide when and where you work (remote in Romania).
• Help us out with tasting and choosing the annual Pago beer / prosecco batch - yes, this implies top decision-making skills for difficult choices like batch theme.

Your Main Responsibilities

Fully Responsible

• Identity & Access Management: Access controls, provisioning & deprovisioning, IAM (AD, least privilege, OTP), secure onboarding/offboarding.
• Network & Endpoint Security: VPNs, whitelisting, endpoint protection (Bitdefender), firewalls (Cloudflare), IDS/IPS (Suricata), WAFs.
• Cloud Security: Assess, design and maintain secure cloud configurations (AWS, Azure, GCP), infra-as-code (Ansible), containers (Docker), API security.
• Application Security: Secure coding guidance, code reviews, penetration testing support, remediation of vulnerabilities.
• Vulnerability Management: Run scans (e.g., Burp Suite), analyze results, patch management, coordinate penetration tests.
• Threat Monitoring & Detection: Configure and maintain SIEM and monitoring systems (Grafana, Zabbix, Loggly, Elastic, CloudWatch).
• Incident Management: Detect, investigate, and respond to security events, including triage and forensic investigation.
• Business Continuity & DR (Security Scope): Participate in recovery tests, failovers, and restoration from backups in line with DORA.

Consulted

• Security Governance & Strategy
• Security Policies & Procedures
• Risk Management
• Compliance Management
• Vendor & Third-Party Risk
• Security Architecture & Design

Key Things to Know About This Role

Pago is becoming a payment institution that needs to meet BNR, DORA or ISO 27001 expectations.

If you have security in regulated markets, especially fintech, let us know.

It's not a MUST - defining the processes is still on us; but it is a PLUS if we know you're familiar with how important this is.

What We're Looking For

• 5+ years of experience in cybersecurity engineering or similar technical role.
• Strong hands-on experience with SIEM, monitoring, and incident response.
• Certifications we expect to see (these, or similar):
• SIEM / Linux: Wazuh Certified Administrator (WCA), Elastic Certified Engineer, CompTIA Linux+
• Cybersecurity: CompTIA Security+, CEH, CompTIA CySA+
• Administration: Windows/Linux/Cloud certifications
• Experience with security controls: VPNs, whitelisting, endpoint protection, firewalls, IDS/IPS.
• Knowledge of authentication and identity systems (SCA, token lifecycle, biometrics, PIN management).
• Background in secure infrastructure (cloud-native security, infra-as-code, containers, CI/CD security).
• Competence in vulnerability management, penetration testing coordination, and patching.
• Ability to support in preparing technical documentation for security audits.
• Excellent communication skills, organized, proactive, and autonomous.
• Fluent in English.

Your First 6 Months

Month 1

• Get to know our team, systems, and processes.
• Understand the product, business model, and current security posture.
• Become familiar with compliance requirements we must uphold (ISO 27001, authorized payment institution, DORA)
• Build relationships with IT and product leads.
• Work with our CTO, Leads and compliance team to map current security gaps vs. where we need to be.

Months 2-3

• Take full ownership of SIEM and vulnerability scanning.
• Implement improvements in access management and cloud security configurations.
• Respond to incidents and lead post-incident reviews.

Months 4-6

• Roll out security hardening and monitoring improvements.
• Optimize detection rules, alerting, and reporting.
• Operate independently as the go-to security partner for leadership and product teams.
• Collaborate with external pen-test providers to validate infrastructure.
• Support readiness for BNR authorization from a security perspective.
• Contribute to security awareness initiatives across the company.
• Collaborate with external providers, such as Pen-test teams, to proof our infrastructure.