Senior Security Lead

About The CompanyHercle is a fast-growing, VC-backed fintech. Our mission is to accelerate the mainstream adoption of digital assets by delivering deep liquidity and efficient settlement, globally.We provide secure and seamless access to digital assets for financial institutions, fintechs, brokers, PSPs, and crypto-native platforms.Working at HercleBeing a technology-first fintech company, driven by young, passionate people, here at Hercle we value our employees as our greatest asset, giving them a lot of responsibility from the very start and all the support they need to make a difference, and grow together with the company. Our flat structure fosters a culture of openness, inclusivity and collaboration, encouraging the sharing of ideas and knowledge, intercrossing a wide range of top level expertise.Everyone at Hercle is a self-starter, outstanding professional who owns his/her tasks and schedule. As a member of the team, you are in charge to achieve your goals and fulfill your mission with the added support, network and knowledge of everyone else. So, as a result, the type of people that we consider as binding with our culture, are ones of deep personal growth motives, passion for collaborating on new, cutting edge ideas, and of course, highly intelligent and adaptive in their own sphere of knowledge and expertise, so as to have a mutual benefit and shared passion in between all team members.About The RoleThe Senior Security Lead (Threat & Risk) helps strengthen Hercle’s overall security posture and keep our technology and information safe as we scale. You’ll bring deep expertise in cybersecurity, technology risk, and resilience, and play a key role in building the foundations of a stronger security function here at Hercle.This is a hands-on role. You’ll work directly with teams across the company to spot risks early, understand how attackers think, and help shape practical security measures that support how we really operate. You’ll also contribute to the evolution of our security capabilities - from threat intelligence to security operations - helping Hercle mature its approach without adding unnecessary complexity.You’ll lead the creation and rollout of Hercle’s ICT & Security Risk Framework, making sure it aligns with our business priorities and reflects modern industry practices. This role is a great fit for someone with a technical security background who enjoys balancing hands-on technical work with a broader risk and resilience perspective.Key ResponsibilitiesThreat Intelligence & Security FoundationsWork closely with the CISO and engineering leads to shape how we approach cybersecurity and technology risk in a fast-moving environment. Help build, evolve, and maintain a security framework that actually works in real life - combining threat intelligence, hands-on controls, and lightweight processes. Contribute to defining how much risk we’re comfortable taking, and help turn that into clear, simple metrics the business can understand and act on. Make sure key security and tech risks are surfaced, shared, and understood across teams without slowing anyone down. Keep governance practical and minimal, focusing on what helps us move faster and stay secure at the same time. Risk Assessment & Security AssuranceLead hands-on assessments of systems, applications, and cloud services - focusing on what matters most. Partner with IT and Security teams to design and improve controls; act as a friendly challenger, not a blocker. Stay ahead of emerging threats and vulnerabilities, and translate them into real impact for our environment. Strengthen our incident response readiness by reviewing playbooks, testing scenarios, and embedding lessons learned. Run focused assurance checks to make sure our security controls work as expected and evolve as we scale. Collaboration & EnablementWork with product, engineering, and business teams to help them adopt new tech securely - cloud, AI, automation, new platforms, you name it. Partner closely with the CISO office to define and track meaningful security metrics and KRIs that support smart decision-making. Drive simple, engaging training and awareness efforts that naturally lift our security culture without resorting to box-ticking. RequirementsYou’re deeply comfortable in the worlds of InfoSec, Computer Science, Engineering, or Risk - you’ve lived in these spaces You’ve actually hunted threats and run penetration tests in live environments You bring 3–6 years of hands-on experience in roles like Security Operations, Incident Response, Detection Engineering, Red Team/Offensive Security, or Cyber Threat Intelligence You can dig through system, network, and application logs and spot attack patterns across the full kill chain. You’ve previously owned or heavily supported security/risk responsibilities — maybe as an InfoSec Officer, Cyber Risk Manager, or senior IT risk specialist Bonus points if you’ve helped stand up, scale, or mature a CISO function or Security Operations capability. Extra nice: experience in regulated/critical environments (fintech, telco, infra, etc.). Why Joining Hercle?Competitive salary. Career and personal growth opportunities. The opportunity to shape risk management strategies in a fast-growing scale-up. Flexible working arrangements (remote/hybrid). Collaborative and forward-thinking work environment. If you’re interested, feel free to reach out and send us your CVBy submitting this application, I confirm that all the information given by me in this application for employment and any additional documents attached hereto are true to the best of my knowledge and that I have not wilfully suppressed any material fact. I confirm I have disclosed if applicable any previous employment with Hercle. I accept that if any of the information given by me in this application is in any way false or incorrect, my application may be rejected, any offer of employment may be withdrawn or my employment with Hercle may be terminated summarily or I may be dismissed. By submitting this application, I agree that my personal data will be processed in accordance with Hercle’s Candidate Privacy Notice