




Summary: The CyberSecurity Operations Analyst drives the implementation, operation, and continuous improvement of security operations to protect HBX corporate environments from cyber threats.

Highlights:

1. Collaborate across teams to ensure end-to-end security visibility and response.
2. Lead strategic SecOps initiatives and enhance detection capabilities.
3. Opportunity to work in an innovative and multicultural environment.

HBX Group is the world’s leading technology partner, connecting and empowering the world of travel. We’re game-changers, disruptors, the people who bring together local and global brands in accommodation, transport, activities and payments through our network of 300,000 hotels worldwide, 60,000 hard-to-reach, high-value clients such as tour operators, travel agents and loyalty schemes across 140 source markets. We are tech-driven, with a customer-first philosophy, and commercial teams whose knowledge and relationships on the ground are second to none.

And of course we have an amazing team! Our people, Team HBX Group, are the beating heart of the company who we encourage to ‘move fast, dream big and make the difference’ every day. In fact, we believe that it is tech + data + people that truly sets us apart in the market, alongside our ‘global approach, local touch’ mentality. We’re headquartered in Palma, Mallorca and employ around 3,500 people worldwide.

**JOB DESCRIPTION:**
--------------------

The CyberSecurity Operations Analyst forms part of the team responsible for Security Operations and Incident Response capabilities, within the wider CyberSecurity team. The role involves driving the implementation, operation and continuous improvement of the security operations stack, including SIEM, EDR, SOAR, threat detection, and response processes, focusing on protecting HBX corporate environments from cyber threats.
The role collaborates closely with Technology, Corporate IT and Platform teams to ensure end-to-end visibility, detection and response across network, endpoint, identity and cloud environments, aligning with Zero Trust principles. The goal is to build and run a scalable, proactive and intelligence-driven Security Operations capability, while fostering a culture of collaboration, automation and continuous improvement.

**Accountability and responsibilities**

* Form part of the Corporate IT Security Operations team, supporting day-to-day activities, ensuring high-quality outcomes and meeting service targets (detection, response, SLA).
* Collaborate with the Head of Cyber Security and wider Technology teams to align on security operations roadmap and strategy.
* Drive strategic SecOps initiatives, including enhancement of detection capabilities, automation (SOAR), and incident response maturity.
* Operate, tune and continuously improve security monitoring platforms (e.g. SIEM such as CrowdStrike LogScale, EDR, NDR, SOAR).
* Develop and maintain use cases, detection rules, correlation logic, and threat hunting queries, ensuring relevant and high-fidelity alerts.
* Act as an escalation point for complex security incidents, leading investigation, containment, eradication and recovery activities.
* Support and lead incident response processes, ensuring rapid triage, root cause analysis and post-incident improvement.
* Collaborate with Network, Cloud and Platform teams to ensure proper telemetry, logging and integration across all security-relevant systems.
* Integrate and operate Zero Trust and access security controls (e.g. Zscaler ZIA/ZPA), ensuring visibility and alignment with security monitoring.
* Execute and improve threat intelligence integration, mapping emerging threats to detection and response capabilities.
* Contribute to proactive threat hunting, anomaly detection and adversary behavior analysis across corporate environments.
* Ensure security events are properly ingested, normalized and enriched within SIEM/SOAR platforms.
* Participate in security drills, tabletop exercises and incident simulations, improving readiness and response effectiveness.
* Stay updated on threat landscape, attacker techniques (MITRE ATT&CK), and security technologies, recommending improvements aligned with business needs.
* Contribute to a culture of collaboration, automation and continuous improvement within the Security Operations team.
* Participate in discussions regarding overall cybersecurity architecture, detection strategy and operational security posture.

**Position requirements**

* Strong interpersonal and communication skills
* Strong analytical and problem-solving capabilities
* Fluent in English and Spanish

**Technical skills:**

* Strong knowledge of Security Operations concepts (SIEM, SOAR, EDR, NDR, detection engineering, incident response)
* Hands-on experience with SIEM platforms (preferably CrowdStrike or equivalent)
* Experience with EDR solutions (e.g. CrowdStrike Falcon) and endpoint telemetry analysis
* Understanding of SOAR and security automation workflows
* Knowledge of threat detection frameworks (MITRE ATT&CK) and attacker techniques
* Experience with Zero Trust security models and secure access technologies (Zscaler, identity integration, CASB)
* Strong understanding of logging, telemetry pipelines and data correlation across systems
* Familiarity with network, cloud and identity security concepts
* Ability to work closely with Network and Platform teams to enhance visibility and controls
* Understanding of incident handling processes, alert triage, escalation and RCA (Root Cause Analysis)

**Experience**

* Minimum 2 years of experience in Security Operations, SOC or Incident Response roles. Level 2 support as a minimum.
* Previous experience in IT Operations or Cybersecurity environments
* Proven hands-on experience with SIEM, EDR and incident response in production environments
* Experience in threat detection engineering or threat hunting
* Exposure to cloud security, identity security or network security monitoring
* Experience working in global or distributed environments

You will have the opportunity to work for a company that is going through significant change in becoming the world's leading travel services provider. We are looking for people that are ready to ride the wave in this exciting journey. As well as an attractive benefits package, you will:

* Work within an innovative, engaging and multicultural environment.
* Have the opportunity to build strong and lasting business relationships and friendships from around the world.
* Have the opportunity to develop your career locally or within one of our beautiful working locations across the globe.


