Operating across the globe including Europe, Australia, North America and Canada, we’re passionate about being the best and pride ourselves on the unique and diverse range of holiday experiences we offer our customers. Our combined businesses are the world’s largest provider of specialist and experiential travel with a range of outstanding experiences, from private jets, polar expeditions, sailing, ski holidays and more. The Group has a wide range of in-house technologies with a significant number of outsourced partnerships and is undergoing an aggressive transformation plan to adopt more cloud-based services and harnessing the opportunities of rationalising and standardising its platforms and environments. Therefore, there are continuous requirements to conduct security threat, risk, and capability maturity assessments.
What you will be doing
As an Information Security Analyst, you will be mainly working within the internal Security Operations (Sec Ops) center, working with the Head of Information Security Operations and will be responsible for:
Proactively supervising and responding to system generated and user reported information security events and alerts. Prioritising, triaging and logging any resulting security investigations.
Responding to information security incidents in line with set procedures. Helping with the containment, eradication and recovery process as well as reviewing audit logs, conducting forensics, undertaking impact analysis, root cause identification and documenting incident response activities.
Contributing to the improvement of the Sec Ops function by crafting and maintaining incident response playbooks, procedural documentation and dashboards reporting key performance metrics.
Communicating with stakeholders at all levels, answering information security related queries in a timely and effective manner.
Analysing data sources (both internal audit logs and external feeds) to identify trends, vulnerabilities and potential threats. Using this knowledge to conduct and document periodic threat hunts across the company estate.
Assisting the team in conducting risk assessments in line with internal policies and or external compliance requirements.
Supporting and contributing to the maintenance of security controls both on a technical and administrative level.
Contributing to security awareness and user education initiatives.
What we are looking for
An Information/Cyber Security professional with demonstrable experience in alert and incident handling.
Hands on experience working with some of the most common information security tools, such as an EDR solution, SIEM and cloud security solutions (MS XDR, AWS Guard Duty, etc.).
Experience in monitoring, identifying and handling the most common types of information security threats and attacks, such as phishing, malware, credential-based attacks; supply chain attacks and insider threats.
Solid understanding of information security concepts such as the CIA triad, Access Control and Risk Management.
A technical background with a good understanding of cloud and or hybrid environments.
Strong written and verbal communication skills, with the ability to effectively communicate technical concepts to non-technical stakeholders.
Strong analytical and problem-solving skills.
Strong ability to respond quickly to changing priorities by managing own workload and the confidence to work independently.
Familiarity with regulatory standards (such as the GDPR), industry standards (such as the PCI DSS) and security frameworks (such as NIST or the CIS Controls Framework).
Educational background in the Information/Cyber Security field is a plus. Either at degree level or through Information Security related certifications.
Working with us
This is a hands-on role in a rapidly changing environment. As part of a small but dedicated team, you will gain exposure to a wide variety of systems and architectures, and opportunities for development are available for the right candidate. Together we will cultivate a diverse, equitable and inclusive environment, where everyone can thrive. We are committed to inspiring change through increasing awareness of, and counteracting, unconscious bias; building an inclusive culture, and embracing diversity in all its dimensions. Travelopia is committed to ensuring a work environment that is open, accessible, and inclusive, removing barriers for all individuals. If you require accommodations/additional support to participate in the recruitment and selection process, kindly advise us. Our hiring team will work with you to provide suitable accommodations/additional in a timely and confidential manner. Information received will be handled with the utmost discretion.
To request accommodations, please contact our team at Talent@Travelopia.com