Cyber Security Specialist - Blue Team
hace 3 días
Valencia
ppHBX Group is a leading independent B2B travel technology marketplace connecting travel businesses globally through advanced technology, data‑driven solutions, and a network of interconnected products and services. Our Cyber Security team is responsible for protecting global platforms, cloud infrastructure, corporate environments, data assets, and emerging AI‑enabled services. /p h3Role Overview /h3 pThe Blue Team Security Expert is responsible for the continuous protection, monitoring, assessment and improvement of HBX Group’s security posture across corporate, cloud, application, and AI‑enabled environments. /p pThe role combines threat detection, incident response, threat hunting, vulnerability management, security automation, and proactive security engineering. The successful candidate will work closely with Red Team, Security Architecture, DevOps, Engineering, Data, and AI teams to identify, prevent, detect and respond to cyber threats. /p ul liIdentify, investigate and analyse cyber security threats affecting services, platforms and development environments. /li liAssess the potential impact of detected threats and support the definition of effective remediation actions. /li liPerform continuous technology watch to stay up to date with industry trends, emerging attack techniques, best practices and relevant security developments. /li liCollaborate with Red Team activities to validate findings, improve detection capabilities and enhance the overall security posture. /li /ul h3AI Security Emerging Threats /h3 ul liAssess risks related to Generative AI, Large Language Models (LLMs), AI agents, and machine learning systems. /li liIdentify and mitigate threats such as: /li liAI supply chain attacks /li liSensitive data leakage through AI platforms /li liShadow AI usage /li liPartner with AI and Data teams to implement secure‑by‑design AI solutions. /li liContribute to AI governance, monitoring, and security controls. /li liStay up to date on emerging AI security frameworks and industry best practices. /li /ul h3Vulnerability Exposure Management /h3 ul liMonitor, assess and prioritise vulnerabilities across applications, infrastructure, cloud environments and containerised platforms. /li liEvaluate the severity, exploitability and potential business impact of vulnerabilities to support risk‑based remediation planning. /li liWork with technology, infrastructure and development teams to coordinate remediation activities and track progress. /li liContribute to the continuous improvement of vulnerability management processes, reporting and prioritisation criteria. /li liSupport and enhance security controls across AWS, Azure and GCP environments. /li liMonitor cloud‑native security services and investigate cloud security incidents. /li liSecure containerised environments, including Kubernetes and Docker platforms. /li liAssess infrastructure‑as‑code and cloud deployments for security weaknesses. /li liContribute to Zero Trust and cloud security initiatives. /li liParticipate in security incident response activities, including investigation, analysis, containment support and timely response. /li liContribute to the identification of root causes and support the definition of corrective and preventive actions. /li liWork with relevant teams to ensure lessons learned from incidents are translated into security improvements. /li /ul h3DevSecOps Support and Code Security /h3 ul liSupport agile delivery teams by embedding security practices into development and delivery processes. /li liProvide guidance on secure development, code analysis and security testing across different platforms, environments and instances. /li liHelp improve the organisation’s capability to identify and remediate vulnerabilities in source code. /li liPromote the use of security automation tools to improve scalability, consistency and efficiency in security activities. /li /ul h3What You Will Bring /h3 ul liPrevious experience in a cyber security role, technology delivery role or equivalent security‑focused position. /li liStrong understanding of threat modelling, cyber risk assessment and security analysis techniques. /li liUp‑to‑date knowledge of current cyber security threats, best practices, technologies and defensive techniques. /li liExperience with vulnerability management, including vulnerability assessment, prioritisation and remediation coordination. /li liKnowledge of incident response processes, including investigation, analysis and timely response activities. /li liExperience or working knowledge of secure software development practices and source code security analysis. /li liGood understanding of DevOps and Agile principles, with the ability to support security practices in fast‑moving delivery environments. /li liKnowledge of cloud and container technologies, including Kubernetes, Docker and cloud environments such as AWS, GCP or Azure. /li liExperience using programming languages and/or security automation tools to improve security operations and detection capabilities. /li /ul h3Desired skills /h3 ul liAbility to translate technical security findings into clear risk‑based recommendations. /li liStrong analytical mindset, with the ability to investigate complex issues and prioritise actions based on impact. /li liGood collaboration skills, with the ability to work effectively with Security, Engineering, DevOps and infrastructure teams. /li liProactive approach to learning and staying current with emerging threats, attack techniques and security technologies. /li liAbility to balance security requirements with delivery needs in agile and cloud‑based environments. /li /ul h3Personal attributes /h3 ul liOwnership and accountability when managing security findings, incidents or remediation activities. /li liClear communication style, especially when explaining technical risks to non‑security stakeholders. /li liContinuous improvement mindset, with a focus on strengthening security processes and operational efficiency. /li liTeam‑oriented approach and willingness to collaborate across technical and business areas. /li /ul /p #J-18808-Ljbffr