Security Analyst

Posted Jan 6

Cloudbeds provides the platform that powers hospitality, driving streamlined operations, increasing reservations and revenue, and enabling memorable guest experiences for lodging businesses of all sizes and types. Named the No. 1 PMS and No. 1 Hotel Management System by Hotel Tech Report in 2022, Cloudbeds is trusted by properties across the globe for its award-winning front desk, revenue, distribution, guest acquisition and guest engagement solutions seamlessly combined in a single unified system. 

Behind the Cloudbeds platform is a growing team of 700+ employees distributed across 40+ countries speaking 30+ languages. From data architects to UX designers, integrations managers to payments experts, former hotel managers to former OTA executives, our team comprises the brightest minds in technology and hospitality working to solve the industry’s biggest challenges.

From the beginning, we've believed that our people are our greatest asset, so we founded the company as #RemoteFirst, #RemoteAlways with shared core values that allow our team to thrive. This means we:

  • Hire the best people around the world;
  • Emphasize the value of results over hours put in;
  • Provide flexibility in working hours and locations;
  • Foster an inclusive environment that celebrates bold thinking and diverse perspectives;
  • Offer open vacation policies, free LinkedIn Learning, and other benefits that promote well-being and professional development.

Together we're on a mission to power every property in the world and to do that, we need to find the best talent in the world. That's why we're on the search for a highly skilled Security Analyst, to work with the Security team, and help us play our part in reinventing the world of hospitality tech and travel.

As a Security Analyst on our Security team, you will help deliver an exceptional and secure product experience to our customers all around the world. You will play a crucial role in ensuring the security and compliance of our systems, customers and data. Working on security at Cloudbeds requires an adaptable cross-functional mindset. You should be comfortable talking to individuals at every level and space across the organization, from Engineering to Sales, and even Executives. 

Our Security strategy is to enable the delivery of trusted, scalable, and reliable products leveraging the best of modern technologies, tools, and standards. For the Security Analyst role, we are looking for someone who can communicate best practices across both a technology and organizational process space. Our best fit team members will have worked with a broad range of compliance regulation standards, application development best practices, and Security frameworks. You will participate in implementation and ongoing monitoring of security tooling at all edges of the security landscape. You will assist with Requests for Proposals from prospective customers, daily monitoring of endpoint detection platforms, conducting Pen-tests, application vulnerability discovery and remediation, compliance requests, company-wide security training programs, and more security owned initiatives! 

Location: Remote - Canada

What You Will Do: 

  • Collaborate with cross-functional teams and multi-level stakeholders to drive Security concerns and initiatives company wide.
  • Review and monitor security alerts over multiple platforms.
  • Manage the takedowns against bad actors across our attack surfaces.
  • Conduct company security awareness training and phishing campaigns.
  • Collaborate on audits and compliance certification initiatives (PCI Level 1).
  • Handle vulnerability scanning disputes and remediations with communications across teams and subject matter experts.
  • Assist with data privacy compliance regulation requests and company-wide initiatives and messaging (GDPR, CCPA, Quebec Law 25).
  • Collaborate to complete third-party questionnaires and security reviews from prospective customers.
  • Oversee application security operations, including code analysis tool implementation and container scanning.
  • Implement incident response scenario testing and updating incident response plans.
  • Handle various security-related requests from customers, including phishing alerts, data breaches, and compliance issues.
  • Update and maintain security documentation and policies.

You’ll Succeed With: 

  • A Bachelor's Degree in a relevant field and 2 years of experience or a minimum of 3 years of practical experience in information security, with a demonstrated understanding of the specified job requirements 
  • Strong communication, problem-solving and diplomacy skills. Our teams communicate in English, but few speak it as a first language
  • Strong familiarity with compliance standards - existing and emerging (PCI DSS, GDPR, CCPA, etc.).
  • Experience with various security monitoring tools and platforms
  • Knowledge of application security best practices and tools.
  • A strong business sense and ability to collaborate with leadership and non-technical stakeholders on highly visible projects
  • Familiarity with Payment Systems and Processes, such as Payment Gateways and Processors and Online payment platforms. As well as experience with the Payment Card Industry Data Security Standard (PCI DSS) and Emerging -- Fintech-related -- Payment Technologies.
  • Ability to wield security knowledge to resolve disputes rationally without hierarchical authority.
  • A passion for data-driven decision making (metrics, experiments, proof of concepts)
  • Understanding and evaluating short and long term risk vs implementation speed for different toolings.
  • Basic Understanding of CI/CD Pipelines, DevOps, maintainability and how they relate to static code analysis tooling.
  • Strong teamwork, and time management skills.
  • Experience with cloud infrastructure and security (AWS, Docker, Kubernetes).

Nice to Have: 

  • Direct Experience with Crowdstrike, AWS GuardDuty, SonarQube, ZeroFox, KnowBe4 or PhishER
  • Experience with incident response planning and execution.
  • Certifications related to cybersecurity and information security. Ex: CISM, or CompTIA Security+ 
  • Experience working with a remote-first and globally distributed team.
  • Travel industry experience is a plus but definitely not required!
  • Experience with Atlassian products [Jira/Confluence/Bitbucket] and/or Github.

Compensation: Depending on your skills and experience, you can expect your annual compensation to be between $55-$61K CAD

#LI-REMOTE #LI-SD1

Our company culture supports flexible working schedules with an open Paid Time Away policy and gives all team members the opportunity to travel and work remotely with great people. If you think you have the skills and passion, we’ll give you the support and opportunity to thrive in your career. If you would like to be considered for the role, we would love to hear from you!

Company Awards to Check Out! 

  • Best Places to Work | HotelTechReport (2018-2023)
  • Best PMS | HotelTechReport (2021-2023)
  • Technology Fast 500 | Deloitte (2023)
  • Fastest Growing Companies | Inc. 5000 (2022)
  • Best Startup Employers | Forbes (2022)
  • Best Remote Companies to Work | BuiltIn (2022)

Cloudbeds is proud to be an Equal Opportunity Employer that celebrates the diversity in our global team! We do not discriminate based upon race, religion, color, national origin, gender (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender identity, gender expression, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics.

Cloudbeds is committed to the full inclusion of all qualified individuals. As part of this commitment, Cloudbeds will ensure that persons with disabilities are provided reasonable accommodations in the hiring process. We encourage deaf, hard of hearing, deaf-blind, and deaf-disabled individuals to apply. If reasonable accommodation is needed to participate in the job application or interview process or to perform essential job functions, please contact our HR team by phone at 858-201-7832 or via email at accomodations@cloudbeds.com. Cloudbeds will provide an American Sign Language (ASL) interpreter where needed as a reasonable accommodation for the hiring processes.

To all Staffing and Recruiting Agencies: Our Careers Site is only for individuals seeking a job at Cloudbeds. Staffing, recruiting agencies, and individuals being represented by an agency are not authorized to use this site or to submit applications, and any such submissions will be considered unsolicited. Cloudbeds does not accept unsolicited resumes or applications from agencies. Please do not forward resumes to our jobs alias, Cloudbeds employees, or any other company location. Cloudbeds is not responsible for any fees related to unsolicited resumes/applications.