About Us
Harmattan AI is a next-generation defense prime building autonomous and scalable defense systems. Following the close of a $200M Series B, valuing the company at $1.4 billion, we are expanding our teams and capabilities to deliver mission-critical systems to allied forces.
Our work is guided by clear values: building technologies with real-world impact, pursuing excellence in everything we do, setting ambitious goals, and taking on the hardest technical challenges. We operate in a demanding environment where rigor, ownership, and execution are expected.
About the Role
This role was created to own Harmattan AI's cybersecurity operations and compliance posture. As we grow and engage with demanding customers and regulators across the defense sector, the Senior IT Security & Compliance Administrator will ensure our systems, processes, and people meet the highest security standards. You will work closely with our managed SOC (MSSP) and act as the internal security referent for the entire organization.
We are a small but highly capable IT team, and that means real ownership and real impact. Beyond your core security scope, there will be many challenging and interesting cross-functional projects to contribute to — from infrastructure hardening to compliance-driven engineering initiatives. We are looking for someone who enjoys wearing multiple hats and thrives in an environment where no two weeks look the same.
The role includes on-call duties shared across the IT team to ensure continuity of critical services.
Responsibilities
Security Operations & Incident Response
Act as the primary internal point of contact with our managed SOC (MSSP): review alerts, qualify incidents, coordinate response
Lead incident response procedures: containment, investigation, remediation, and post-mortem
Maintain and continuously improve the incident response plan and playbooks
Track threat intelligence relevant to our industry and adjust defenses accordingly
Conduct proactive threat hunting exercises to identify latent threats and suspicious patterns before they escalate
Perform digital forensics analysis on compromised assets to support incident investigation and post-mortem reporting
Vulnerability Management
Run regular vulnerability scans across infrastructure, endpoints, and cloud environments
Prioritize findings based on risk and exploitability, and track remediation with the relevant teams
Maintain a vulnerability register and report on exposure trends to IT management
Coordinate with the L3 System & Network Administrator on patch application and hardening measures
Endpoint & Detection
Oversee antivirus and EDR deployment, configuration, and alert management across all endpoints (macOS, Windows, Linux)
Ensure endpoint security policies are enforced and up to date across our JumpCloud-managed fleet
Analyze EDR telemetry to detect suspicious behavior and reduce the attack surface
SOC & MSSP Coordination
Define and fine-tune detection rules and use cases in collaboration with the MSSP
Review SOC reports, escalate critical findings, and drive remediation with internal teams
Ensure SLA compliance and quality of service from the MSSP
Compliance & Referentials
Lead the implementation and ongoing maintenance of security compliance frameworks, including:
SOC 2 (Type I & II)
Cyber Essentials Plus (UK)
ISO 27001 (as applicable)
Other relevant international frameworks
Conduct internal audits, gap analyses, and risk assessments
Prepare and support external audits and certification processes
Maintain the policy library: information security policy, acceptable use, access control, data classification, and more
Security Awareness, Training & Governance
Design, deliver, and continuously improve a company-wide security awareness programme, covering onboarding training, regular refreshers, and role-specific sessions
Run phishing simulation campaigns, analyze results, and drive targeted follow-up actions
Produce clear, engaging security communications tailored to a non-technical audience (guides, alerts, best practice sheets)
Track training completion and awareness KPIs across the organization, and report to management
Advise internal teams (IT, Engineering, Ops) on secure design and best practices
Contribute to the definition of the company's overall security strategy alongside IT management
Candidate Requirements
Experience: Around 5 years of experience in IT security, cybersecurity operations, or a combination of security and compliance roles
Incident Response: Demonstrated experience handling security incidents end-to-end in an operational environment
EDR & Tooling: Hands-on experience with EDR platforms (CrowdStrike, SentinelOne, Microsoft Defender, or equivalent) and SIEM/SOC tooling. Familiarity with Google Workspace and JumpCloud security features is a plus
Compliance: Strong practical knowledge of at least two of the following: SOC 2, Cyber Essentials Plus, ISO 27001, NIST CSF. Experience managing audit processes end-to-end is a strong plus
MSSP Collaboration: Experience working with or coordinating a managed security service provider
Communication: Ability to translate technical security risks into business language. Strong written and spoken English is required — we are an international company and English is our working language. French is a plus
Autonomy: Comfortable owning the security perimeter with limited oversight, willing to contribute across topics outside of core security, and able to thrive in a small, fast-moving team
On-call: Availability to participate in a shared on-call rotation (astreintes) as part of the team
Commitment: 100% dedication to Harmattan AI’s mission, vision, and ambitious growth trajectory, with a willingness to put in extra effort to achieve breakthrough results.
We look forward to hearing how you can help shape the future of autonomous defense systems at Harmattan AI.