Security Analyst

Join to apply for the Security Analyst role at Cloudbeds What Makes Us Unique At Cloudbeds, we’re not just building software, we’re transforming hospitality. Our intelligently designed platform powers properties across 150 countries, processing billions in bookings annually. From independent properties to hotel groups, we help hoteliers transform operations and uplevel their commercial strategy through a unified platform that integrates with hundreds of partners. We do it with a completely remote team, building AI‑powered solutions that solve hoteliers’ biggest challenges. Since our founding in 2012, we’ve become the World’s Best Hotel PMS Solutions Provider and landed on Deloitte’s Technology Fast 500 again in 2024. How You’ll Make an Impact As a Security Analyst, you will play a crucial role in delivering an exceptional and secure product experience to our customers worldwide while ensuring the security and compliance of our systems, customers, and data. You will work cross‑functionally with individuals at every level—from Engineering to Sales and Executives—to communicate security best practices and enable the delivery of trusted, scalable, and reliable products leveraging modern technologies, tools, and standards. Your responsibilities will span the full security landscape, including implementation and ongoing monitoring of security tooling, responding to requests for proposals from prospective customers, daily monitoring of endpoint detection platforms, conducting penetration tests, discovering and remediating application vulnerabilities, managing compliance requests, leading company‑wide security training programs, and driving other security‑owned initiatives that reinvent the world of hospitality tech and travel. Our Security Team Our Security team thrives on open communication and mutual trust—we empower each other to work independently while providing the support needed to tackle high‑impact challenges that strengthen our security posture for both Cloudbeds and our customers. We’re proactive problem‑solvers who aren’t afraid to roll up our sleeves and get hands‑on, balancing our drive to work hard with a strong respect for work‑life balance and long‑term success. You’ll thrive here if you prioritize effectively, collaborate naturally, and bring positive energy to solving meaningful security challenges alongside teammates who genuinely have your back. What You Bring to the Team Lead incident response efforts including monitoring security alerts across multiple platforms, managing threat takedowns, and handling customer‑reported security incidents such as phishing alerts and data breaches. Develop and test incident response plans through scenario exercises and continuous improvement of our security playbooks and procedures. Implement and manage application security tooling including SAST/DAST solutions in CI/CD pipelines, container scanning, and code analysis platforms to strengthen our security posture. Conduct forensic analysis and investigations to identify attack vectors, assess impact, and drive remediation efforts across the organization. Build and maintain security policies, deliver company‑wide security awareness training and phishing campaigns, and drive security best practices across all teams. Support compliance certification initiatives including PCI Level 1 audits, vulnerability management programs, and cross‑team coordination on remediation efforts. Manage compliance requests and security reviews including GDPR/CCPA data privacy requirements, Quebec Law 25, third‑party security questionnaires, and prospective customer assessments. What Sets You Up for Success A bachelor's degree in a relevant field and 3+ years of experience in information security, or equivalent practical experience demonstrating a strong understanding of security operations, incident response, and compliance requirements. Excellent communication and diplomacy skills with the ability to collaborate effectively across diverse, multilingual teams and influence stakeholders at all levels—from engineers to executives—without relying on hierarchical authority. Deep knowledge of compliance frameworks and standards including PCI DSS Level 1, SOC 2, GDPR, CCPA, and emerging fintech regulations, with hands‑on experience navigating payment systems, gateways, processors, and associated security requirements. Proven experience with security monitoring and detection platforms, incident response tools, vulnerability management systems, and application security solutions including SAST/DAST tooling. Strong technical understanding of CI/CD pipelines, DevOps practices, and how they integrate with static code analysis tools, container scanning, and application security workflows to balance maintainability with security. Hands‑on experience with cloud infrastructure security, particularly AWS and Kubernetes, combined with the ability to assess risk versus implementation speed for security tooling and initiatives. A data‑driven mindset with strong problem‑solving abilities, leveraging metrics and proof‑of‑concepts to make informed decisions, coupled with excellent teamwork and time‑management skills to prioritize competing demands effectively. Bonus Skills to Stand Out Experience conducting security risk assessments and translating findings into actionable remediation plans across technical and business stakeholders. Hands‑on experience with security platforms such as CrowdStrike, AWS Security, GitHub Advanced Security, ZeroFox, KnowBe4, or PhishER. Industry certifications such as AWS Certified Security – Specialty, CISM, CompTIA Security+, or equivalent credentials demonstrating commitment to cybersecurity excellence. Work Authorization Please note that applicants must be currently authorized to work in the location where the position is located without requiring visa sponsorship. At this time, Cloudbeds is unable to provide sponsorship for work visas. What to Expect – Your Journey with Us Behind Cloudbeds’ revolutionary technology is a team of redefining what’s possible in hospitality. We’re 650+ employees across 40+ countries, bringing together elite engineers, AI architects, world‑class designers, and hospitality veterans to solve challenges others haven’t dared to tackle. Our diverse team speaks 30+ languages, but we all share one language: a passion for innovation and travel. From pioneering breakthroughs in machine learning to revolutionizing how hotels operate, we’re not just watching the future of hospitality unfold – we’re coding it, designing it, writing it and shipping it. If you’re ready to work alongside some of the brightest minds in tech who are obsessed with using AI to transform a trillion‑dollar industry, this is your chance to be part of something extraordinary. Company Awards to Check Out Best All‑In‑One Hotel Management System | HotelTechAwards (2025) Overall 10 Best Places to Work | HotelTechAwards (2025) Most Loved Workplace® Certified (2024) Top 10 People’s Choice (2024) Deloitte Technology Fast 500 (2024) Discover Our Benefits Remote First, Remote Always PTO in accordance with local labor requirements 2 corporate apartment accommodations for team member use for free (San Diego & São Paulo) Monthly Wellness Fridays – enjoy an extra long weekend every month Full Paid Parental Leave Home office stipend based on country of residency Professional development courses in Cloudbeds University Access to professional development, including manager training, upskilling and knowledge transfer. Everyone Is Welcome – A Culture of Inclusion Cloudbeds is proud to be an Equal Opportunity Employer that celebrates diversity in our global team We do not discriminate based upon race, religion, color, national origin, gender (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender identity, gender expression, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics. Cloudbeds is committed to the full inclusion of all qualified individuals. As part of this commitment, Cloudbeds will ensure that persons with disabilities are provided reasonable accommodations in the hiring process. We encourage deaf, hard of hearing, deaf‑blind, and deaf‑disabled individuals to apply. If a reasonable accommodation is needed to participate in the job application or interview process or to perform essential job functions, please contact our HR team by phone at 858‑201‑7832 or via email at accommodations@cloudbeds.com. Cloudbeds will provide an American Sign Language (ASL) interpreter where needed as a reasonable accommodation for the hiring processes. To all Staffing and Recruiting Agencies: Our Careers Site is only for individuals seeking a job at Cloudbeds. Staffing, recruiting agencies, and individuals being represented by an agency are not authorized to use this site or to submit applications, and any such submissions will be considered unsolicited. Cloudbeds does not accept unsolicited resumes or applications from agencies. Please do not forward resumes to our jobs alias, Cloudbeds employees, or any other company location. Cloudbeds is not responsible for any fees related to unsolicited resumes/applications. #J-18808-Ljbffr