Senior Cyber Security Engineer

Our client is the all-in-one platform for hospitality businesses to automate and optimize every aspect of their operations. With purpose-built technology, industry-wide expertise, and an R&D team of 200+ engineers, our client ensures that hospitality businesses can streamline and achieve growth, while delivering the best value to guests. With a complete suite of features and 150+ industry partners, including major booking OTAs like Airbnb, Vrbo, Booking.com, Tripadvisor,

Expedia, Hopper, Google Travel, and many more, our client is transforming the hospitality industry with innovative solutions.

Today, our client has 15 offices and 700+ team members across the globe.

Our Security team is growing and we’re looking for a Senior Cybersecurity Engineer to join us!

In this role, you will play a crucial role in a global team driving huge-scale live production sites 24X7 and gaining a deep understanding of security and availability.

Responsibilities

• Security Architecture & Design: Lead the design and implementation of robust security infrastructures across cloud (AWS/Azure/GCP) and on-premise environments.
• Incident Response & Forensics: Act as a Tier 3 escalation point for security breaches. Lead post-mortem analyses to ensure “lessons learned” become “vulnerabilities patched.”
• Engineering & Automation: Develop automated scripts (Python, Bash, or PowerShell) to streamline security monitoring and incident response workflows.
• Vulnerability Management: Oversee continuous scanning, penetration testing coordination, and the remediation of discovered weaknesses.
• Compliance & Governance: Ensure our systems align with industry standards such as ISO 27001, SOC2, NIST, or HIPAA.
• Mentorship: Provide technical leadership to junior engineers and conduct security awareness training across the organization.

Qualifications

• At least 5 years of experience as a cybersecurity engineer in a cloud-based environment, with vast hands-on experience
• Network Security: Firewalls (Palo Alto/Cisco), IDS/IPS, VPNs, Zero Trust Architecture.
• Cloud Security: IAM policies, KMS, CloudTrail, Container Security (Kubernetes/Docker).
• Tools: SIEM (Splunk/Sentinel), EDR (CrowdStrike/SentinelOne), Wireshark, Metasploit.
• DevSecOps: Integrating security into CI/CD pipelines (GitHub Actions, Jenkins), managing the bug bounty program, validating the findings, and working with the teams to resolve the findings.
• Compliance and GRC: Experience with audit processes such as SOC2 Type 2 and PCI-DSS, using compliance management platforms (Vanta / Scytale)
• Certifications: CISSP, CISM, CEH, or AWS Certified Security Specialty.

Perks and Benefits:

• Flexible work schedule.
• Fixed financial bonus issued upfront on a quarterly basis, covering the average market price of private medical care and sport card - B2B contract.
• Present on the occasion of birthday, wedding, child birth.
• E-learning accounts for Coursera, O'Relly, Udemy.
• Corporate language school.