Senior IT & Security Specialist

At Hoxhunt, we don’t just build software. We build behavior change on a global scale. With a world-class product and over 50% year-on-year growth, we’re helping companies around the world create a culture of cybersecurity, one employee at a time. And now, we’re ready for the next chapter: strengthening our IT and Security operations to support our fast growth.That’s where you come in.Your MissionAs our Senior IT & Security Specialist, you ensure daily IT and security operations run smoothly while continuously improving how we operate. We’re a Mac-first environment, and you’ll help raise the security and operational maturity of our macOS fleet as we scale globally. You are both hands-on and a domain owner. You participate in support, onboarding, and incident response alongside the IT & Security Manager and IT & Security Specialists, while acting as the technical escalation point and driving improvements in automation, hardening, and detection.This role is the senior technical counterpart in our lean IT & SecOps team. You’ll stay hands-on while owning improvements and leading escalations.What You’ll DoDaily IT & Security OperationsParticipate in daily IT & Security operations across macOS, Windows, iOS, and Android.Execute and oversee onboarding and offboarding.Share responsibility for device provisioning, compliance enforcement, and SaaS access management.Monitor and triage security alerts and lead investigations when complexity increases.Step in during peak workload and incidents to keep service quality high.Maintain strong responsiveness and service quality for global teams.Endpoint & Identity OwnershipOwn endpoint management architecture and security baselines, with a macOS-first focus but keep in mind that Windows is time to time needed.Define and evolve macOS security standards and drive adoption through tooling, documentation, and enablement.Define and evolve hardening standards for macOS and Windows, aligned with operational reality and security posture goals.Design and improve RBAC structures and Conditional Access policies.Strengthen identity security posture with MFA, device trust, and session controls.Improve patching, compliance monitoring, and device lifecycle management.Security Operations & Incident LeadershipAct as the escalation point for complex endpoint and identity incidents.Lead investigations end-to-end, including root cause analysis.Improve detection logic and reduce false positives across EDR/XDR and log platforms.Develop and refine response playbooks.Identify systemic weaknesses and implement durable fixes.Automation & Process ImprovementAutomate repetitive operations using scripting and APIs.Improve onboarding and offboarding workflows through integrations.Reduce manual workload through process redesign and self-service.Keep processes audit-ready and scalable year-round.Governance & ComplianceOwn the maturity of technical controls within your domains.Contribute to SOC 2 Type II control effectiveness and evidence quality using our GRC tooling.Ensure endpoint and identity configurations align with policies and standards.Support vendor security evaluations from a technical perspective.Own IT/security input for customer and vendor compliance questionnaires.Leadership Within a Lean and Agile fast moving teamWork side-by-side with IT & Security Specialists in daily operations.Provide technical guidance and mentorship.Contribute to IT and security roadmap planning with the IT & Security Manager.Lead small-to-medium improvement initiatives end-to-end.Tech You’ll Work WithYou Will Work In a Cloud-first Environment IncludingmacOS, Windows, iOS, Android endpoints.Microsoft 365 and Entra ID (multi-domain tenants).Google Workspace (selected domains).Hoxhunt’s own platform for security awareness operations and reported-threat workflows (triage, follow-ups, and coordination).MDM, EDR/XDR, SIEM, ZTNA, RMM, CASB, SASE, SSE.Slack, Teams, Zoom.We actively use AI tools such as ChatGPT, Claude, Microsoft Copilot, and Cursor to move faster in scripting, troubleshooting, documentation, and operational analysis.Salary and LocationHelsinki HQ is the primary location. Hybrid work is supported, with regular office presence expected.The expected salary range is €4,900–€5,500/month. We’re open to adjust for candidates with strong matching experience.What You BringAbility to thrive in a fast-paced environment, adapt to rapid changes, and solve unexpected challenges. Experience from SaaS scale-ups is highly valued.An IT-related degree or equivalent experience, with 8+ years in IT Support, Security Operations, IT Security, IT Service Desk, or similar roles.Strong macOS and Windows skills, including Entra ID and Microsoft device management.A security mindset and willingness to continuously learn.Proven experience leading IT projects with end-to-end ownership.Strong analytical problem-solving skills and a solution-oriented approach.A friendly, team-oriented attitude with excellent interpersonal skills.Scripting skills in PowerShell, Bash, and KQL.Experience with EDR, ZTNA, and RMM solutions.Fluent written and spoken English and Finnish.Who You AreHighly self-motivated and comfortable owning work independently, while collaborating closely with teammates and stakeholders.Calm and decisive under pressure. When incidents hit or priorities shift, you assess quickly, choose a path, and keep others aligned.You enjoy solving messy, real-world problems and can troubleshoot under uncertainty across endpoints, identity, SaaS, and security tooling.Ownership-driven and proactive. If something is not working, you fix it and put a durable improvement in place (automation, standards, or process).Strong at triage and escalation. You know when to go deep yourself, and when to pull others in early to reduce risk and downtime.Resilient and persistent. You drive issues to closure, validate results, and ensure follow-ups don’t slip.A clear, trusted communicator who explains technical topics in a human way.Passionate about delivering a secure, smooth technology experience while raising the bar for how the team operates.What Success Looks Like60 DaysComplete onboarding and align priorities with the IT/Security Manager.Map the current state for endpoints, identity, and key tooling. Identify quick wins and risks.Take ownership of escalations and improve at least one recurring support or security issue through process, automation, or documentation.90 DaysOwn a core area such as endpoint fleet, identity and access, or detection and response workflows.Deliver measurable improvements such as reduced toil, stronger compliance, faster incident handling, or upgraded runbooks.Lead a cross-team initiative such as onboarding/offboarding improvements, baseline hardening refresh, or access review cadence.120 DaysDeliver a meaningful project end-to-end with clear outcomes and stakeholder buy-in.Refresh standards such as baselines and runbooks and make adoption stick.Mentor others through at least one enablement session and raise the team’s operating maturity.Why Join Us?Growing industry: Cybersecurity is one of the fastest-growing industries. Be at the forefront of protecting people and organizations from evolving threats.Collaborative culture: Work in a supportive, positive team where your contributions and ideas matter.Impactful work: Your efforts will directly protect our people, systems, and customers.Continuous growth: Enjoy opportunities for professional development and skill building in a fast-paced scale-up environment.Our Recruitment ProcessInitial call with Talent Acquisition (30 min remote) Meeting with IT/Security Manager (60 min remote) Technical Task & Panel Discussion (90 min at our office) Reference checks and offerHoxhunt in a NutshellHoxhunt was founded in 2016 by four visionaries. Today, we are a team of 200+ amazing Hoxhunters advancing one of the hottest scale-up companies in the human risk management category, with locations in Finland, Germany, the United States, and the United Kingdom. Hoxhunt is one of the fastest-growing software companies in Finland, premiering in the Deloitte Fast 50 rankings for three consecutive years.Hoxhunt educates employees on how to protect themselves and their employers against malicious cyberattacks. Our core belief is that the best way to do this is through frequent, personalized, and behavior-changing cybersecurity training. We have been featured in CIO Magazine, Forbes, Inc., EU-Startups, and many more publications. ... ... Be among the first to know about our open positions. Connect with us through our career site and join our Talent Community.Hoxhunt helps security leaders and employees join forces to prevent data breaches.Hoxhunt is a Human Risk Management platform that goes beyond security awareness to drive behavior change and measurably lower risk. Data breaches start with people, so Hoxhunt does too. It combines AI and behavioral science to create individualized micro-training experiences people love. Employees learn to detect and report advanced phishing attacks. Operations teams respond fast with limited resources. Security leaders gain outcome-driven metrics to document reduced cybersecurity risk.Hoxhunt works with leading global companies such as Airbus, IGT, DocuSign, Nokia, AES, Avanade, and Kärcher and partners with leading global cybersecurity companies such as Microsoft and Deloitte.