-
HBX Group

Cyber Security Specialist - Blue Team

HBX Group
Spain · Full-time · Mid-Senior



About HBX Group

HBX Group is a leading independent B2B travel technology marketplace connecting travel businesses globally through advanced technology, data-driven solutions, and a network of interconnected products and services. Our Cyber Security team is responsible for protecting global platforms, cloud infrastructure, corporate environments, data assets, and emerging AI-enabled services.


Role Overview

The Blue Team Security Expert is responsible for the continuous protection, monitoring, assessment, and improvement of HBX Group's security posture across corporate, cloud, application, and AI-enabled environments.

The role combines threat detection, incident response, threat hunting, vulnerability management, security automation, and proactive security engineering. The successful candidate will work closely with Red Team, Security Architecture, DevOps, Engineering, Data, and AI teams to identify, prevent, detect, and respond to cyber threats.


Threat Detection & Threat Hunting

  • Identify, investigate and analyse cyber security threats affecting services, platforms and development environments.
  • Assess the potential impact of detected threats and support the definition of effective remediation actions.
  • Perform continuous technology watch to stay up to date with industry trends, emerging attack techniques, best practices and relevant security developments.
  • Collaborate with Red Team activities to validate findings, improve detection capabilities and enhance the overall security posture.


AI Security & Emerging Threats

  • Assess risks related to Generative AI, Large Language Models (LLMs), AI agents, and machine learning systems.
  • Identify and mitigate threats such as:
  • Prompt injection attacks
  • Data poisoning
  • Model manipulation
  • AI supply chain attacks
  • Sensitive data leakage through AI platforms
  • Shadow AI usage
  • Partner with AI and Data teams to implement secure-by-design AI solutions.
  • Contribute to AI governance, monitoring, and security controls.
  • Stay up to date on emerging AI security frameworks and industry best practices.


Vulnerability & Exposure Management

  • Monitor, assess and prioritise vulnerabilities across applications, infrastructure, cloud environments and containerised platforms.
  • Evaluate the severity, exploitability and potential business impact of vulnerabilities to support risk-based remediation planning.
  • Work with technology, infrastructure and development teams to coordinate remediation activities and track progress.
  • Contribute to the continuous improvement of vulnerability management processes, reporting and prioritisation criteria.


Cloud & Platform Security

  • Support and enhance security controls across AWS, Azure, and GCP environments.
  • Monitor cloud-native security services and investigate cloud security incidents.
  • Secure containerized environments, including Kubernetes and Docker platforms.
  • Assess infrastructure-as-code and cloud deployments for security weaknesses.
  • Contribute to Zero Trust and cloud security initiatives.


Incident Response

  • Participate in security incident response activities, including investigation, analysis, containment support and timely response.
  • Contribute to the identification of root causes and support the definition of corrective and preventive actions.
  • Work with relevant teams to ensure lessons learned from incidents are translated into security improvements.


DevSecOps Support and Code Security

  • Support agile delivery teams by embedding security practices into development and delivery processes.
  • Provide guidance on secure development, code analysis and security testing across different platforms, environments and instances.
  • Help improve the organisation’s capability to identify and remediate vulnerabilities in source code.
  • Promote the use of security automation tools to improve scalability, consistency and efficiency in security activities.


What You Will Bring

  • Previous experience in a cyber security role, technology delivery role or equivalent security-focused position.
  • Strong understanding of threat modelling, cyber risk assessment and security analysis techniques.
  • Up-to-date knowledge of current cyber security threats, best practices, technologies and defensive techniques.
  • Experience with vulnerability management, including vulnerability assessment, prioritisation and remediation coordination.
  • Knowledge of incident response processes, including investigation, analysis and timely response activities.
  • Experience or working knowledge of secure software development practices and source code security analysis.
  • Good understanding of DevOps and Agile principles, with the ability to support security practices in fast-moving delivery environments.
  • Knowledge of cloud and container technologies, including Kubernetes, Docker and cloud environments such as AWS, GCP or Azure.
  • Experience using programming languages and/or security automation tools to improve security operations and detection capabilities.


Desired skills

  • Ability to translate technical security findings into clear risk-based recommendations.
  • Strong analytical mindset, with the ability to investigate complex issues and prioritise actions based on impact.
  • Good collaboration skills, with the ability to work effectively with Security, Engineering, DevOps and infrastructure teams.
  • Proactive approach to learning and staying current with emerging threats, attack techniques and security technologies.
  • Ability to balance security requirements with delivery needs in agile and cloud-based environments.


Personal attributes

  • Ownership and accountability when managing security findings, incidents or remediation activities.
  • Clear communication style, especially when explaining technical risks to non-security stakeholders.
  • Continuous improvement mindset, with a focus on strengthening security processes and operational efficiency.
  • Team-oriented approach and willingness to collaborate across technical and business areas.


Key Skills

Ranked by relevance

ai cloud cyber security incident response devops security practices cloud security kubernetes docker aws gcp vulnerability assessment machine learning
Login to Apply
Posted
Jul 07, 2026
Type
Full-time
Level
Mid-Senior
Location
Valencia
Company
HBX Group

Industries

Travel Arrangements

Categories

Information Technology

Related Jobs

3 roles aligned with this opportunity

View all jobs
View Job Details
Flight Centre Travel Group
Related

Senior Java Engineer- South Bank, QLD

2026-06-15

Full-time
Mid-Senior
Australia
Travel Arrangements
Engineering
View Job Details
Airalo
Related

Backend/PHP Engineer

2026-07-04

Full-time
Not Applicable
Spain
Telecommunications
Engineering
View Job Details
Landal
Related

Data Analyst

2026-07-03

Full-time
Not Applicable
Netherlands
Travel Arrangements
Information Technology