Detalle de la Oferta

Descripción de la Oferta

We are seeking a skilled and proactive Cyber Security Analyst to join our dynamic Travel industry team.
In this role, you will play a critical part in safeguarding our digital infrastructure, customer data, and operational systems against evolving cyber threats. As the Travel sector increasingly relies on digital platforms for bookings, payments, and customer engagement, the need for robust cybersecurity measures has never been greater.
You will be responsible for monitoring, analyzing, and responding to security incidents, conducting vulnerability assessments, and ensuring compliance with industry regulations. This position offers a unique opportunity to contribute to the security and integrity of a global travel ecosystem, protecting both business operations and end-users. Your expertise will directly influence the resilience and trustworthiness of our digital services, making this a pivotal role in our organization’s success.

What You’ll Do – Key Responsibilities:
• Investigate security incidents, conduct forensic analysis, and provide incident response support.
• Perform penetration testing, vulnerability scanning, and risk assessments to identify potential weaknesses in our systems and networks. Develop and implement mitigation strategies to address these vulnerabilities and reduce risk.
• Administer, manage, and monitor multiple security platforms, including Elastic Cloud SIEM (Security Information and Event Management) and Fortinet Endpoint Management System (EMS), supporting alert monitoring, incident investigation, system tuning, and day-to-day security operations across the environment. EDR = Endpoint Detection & Response.
• Assess and resolve IAM (identity & access management) issues that occur across the employee base, as well as with external entities.
• Collaborate closely with IT and software development teams to ensure that security is integrated into all aspects of the technological infrastructure.
• Must follow current compliance procedures, assure clear and accurate documentation, and develop or implement more efficient tools and procedures to ensure compliance. SOC2, GDPR (privacidad de datos), PCI (payment card information)
• Assist with completing customer, partner, and vendor security questionnaires, providing accurate responses related to security controls, compliance posture, and risk management practices.
• Manage vendor compliance and conduct regular risk assessments.
• Conduct risk assessments and periodic reviews related to IAM.
• Monitor compliance with policies, regulations, and customer requirements.

What We’re Looking For (Experience and Education)
• Bachelor's or University Degree in Computer Science, Information Technology, or related field.
• 5+ years applied Information Security Experience.
• Strong understanding of security principles and concepts.
• Experience with Linux, macOS and Windows internals, and server hardening principles.
• Experience with Microsoft 365 & Azure environments.
• Experience with managing security solutions such as EDR, DLP, SIEM, Compliance software.
• Experience in troubleshooting and managing Elastic SIEM and Fortinet Endpoint Management System.
• Working knowledge of compliance certifications and data privacy regulations, such as SOC2, PCI-DSS, GDPR, or other global data protection laws.
• Excellent verbal and written communication skills, with the ability to convey concepts to both technical and non-technical stakeholders.
• Good knowledge of scripting languages (PowerShell, Python, Perl, etc.)
• Good knowledge of firewall and networking concepts.
• Relevant certifications (e.g., CISSP, ITIL, CISA) are preferred.
• Vendor-specific certifications (e.g., Fortinet) are a plus.

Experiencia Requerida

Educación Superior

Educación Secundaria

Lenguajes