About HBX Group
HBX Group is a leading independent B2B travel technology marketplace connecting travel businesses globally through advanced technology, data-driven solutions, and a network of interconnected products and services. Our Cyber Security team is responsible for protecting global platforms, cloud infrastructure, corporate environments, data assets, and emerging AI-enabled services.
Role Overview
The Blue Team Security Expert is responsible for the continuous protection, monitoring, assessment, and improvement of HBX Group's security posture across corporate, cloud, application, and AI-enabled environments.
The role combines threat detection, incident response, threat hunting, vulnerability management, security automation, and proactive security engineering. The successful candidate will work closely with Red Team, Security Architecture, DevOps, Engineering, Data, and AI teams to identify, prevent, detect, and respond to cyber threats.
Threat Detection & Threat Hunting
- Identify, investigate and analyse cyber security threats affecting services, platforms and development environments.
- Assess the potential impact of detected threats and support the definition of effective remediation actions.
- Perform continuous technology watch to stay up to date with industry trends, emerging attack techniques, best practices and relevant security developments.
- Collaborate with Red Team activities to validate findings, improve detection capabilities and enhance the overall security posture.
AI Security & Emerging Threats
- Assess risks related to Generative AI, Large Language Models (LLMs), AI agents, and machine learning systems.
- Identify and mitigate threats such as:
- Prompt injection attacks
- Data poisoning
- Model manipulation
- AI supply chain attacks
- Sensitive data leakage through AI platforms
- Shadow AI usage
- Partner with AI and Data teams to implement secure-by-design AI solutions.
- Contribute to AI governance, monitoring, and security controls.
- Stay up to date on emerging AI security frameworks and industry best practices.
Vulnerability & Exposure Management
- Monitor, assess and prioritise vulnerabilities across applications, infrastructure, cloud environments and containerised platforms.
- Evaluate the severity, exploitability and potential business impact of vulnerabilities to support risk-based remediation planning.
- Work with technology, infrastructure and development teams to coordinate remediation activities and track progress.
- Contribute to the continuous improvement of vulnerability management processes, reporting and prioritisation criteria.
Cloud & Platform Security
- Support and enhance security controls across AWS, Azure, and GCP environments.
- Monitor cloud-native security services and investigate cloud security incidents.
- Secure containerized environments, including Kubernetes and Docker platforms.
- Assess infrastructure-as-code and cloud deployments for security weaknesses.
- Contribute to Zero Trust and cloud security initiatives.
Incident Response
- Participate in security incident response activities, including investigation, analysis, containment support and timely response.
- Contribute to the identification of root causes and support the definition of corrective and preventive actions.
- Work with relevant teams to ensure lessons learned from incidents are translated into security improvements.
DevSecOps Support and Code Security
- Support agile delivery teams by embedding security practices into development and delivery processes.
- Provide guidance on secure development, code analysis and security testing across different platforms, environments and instances.
- Help improve the organisation’s capability to identify and remediate vulnerabilities in source code.
- Promote the use of security automation tools to improve scalability, consistency and efficiency in security activities.
What You Will Bring
- Previous experience in a cyber security role, technology delivery role or equivalent security-focused position.
- Strong understanding of threat modelling, cyber risk assessment and security analysis techniques.
- Up-to-date knowledge of current cyber security threats, best practices, technologies and defensive techniques.
- Experience with vulnerability management, including vulnerability assessment, prioritisation and remediation coordination.
- Knowledge of incident response processes, including investigation, analysis and timely response activities.
- Experience or working knowledge of secure software development practices and source code security analysis.
- Good understanding of DevOps and Agile principles, with the ability to support security practices in fast-moving delivery environments.
- Knowledge of cloud and container technologies, including Kubernetes, Docker and cloud environments such as AWS, GCP or Azure.
- Experience using programming languages and/or security automation tools to improve security operations and detection capabilities.
Desired skills
- Ability to translate technical security findings into clear risk-based recommendations.
- Strong analytical mindset, with the ability to investigate complex issues and prioritise actions based on impact.
- Good collaboration skills, with the ability to work effectively with Security, Engineering, DevOps and infrastructure teams.
- Proactive approach to learning and staying current with emerging threats, attack techniques and security technologies.
- Ability to balance security requirements with delivery needs in agile and cloud-based environments.
Personal attributes
- Ownership and accountability when managing security findings, incidents or remediation activities.
- Clear communication style, especially when explaining technical risks to non-security stakeholders.
- Continuous improvement mindset, with a focus on strengthening security processes and operational efficiency.
- Team-oriented approach and willingness to collaborate across technical and business areas.
Key Skills
Ranked by relevance
Related Jobs
3 roles aligned with this opportunity
Senior Java Engineer- South Bank, QLD
2026-06-15
Backend/PHP Engineer
2026-07-04
Data Analyst
2026-07-03
- Posted
- Jul 07, 2026
- Type
- Full-time
- Level
- Mid-Senior
- Location
- Valencia
- Company
- HBX Group
Industries
Categories
Related Jobs
3 roles aligned with this opportunity
Senior Java Engineer- South Bank, QLD
2026-06-15
Backend/PHP Engineer
2026-07-04
Data Analyst
2026-07-03