Cloud Security Analyst

Cloudbeds is a company transforming hospitality with an AI-powered platform that supports properties across 150 countries, processing billions in bookings annually. The company has over 650 employees across 40+ countries and focuses on innovation in hospitality technology.

• 5 years of practical experience in cloud or application security.
• Hands-on experience securing application stacks deployed in the cloud.
• Strong experience with AWS security services and cloud-native controls.
• Solid software development fundamentals and understanding of application vulnerabilities (e.g., OWASP Top 10).
• Practical experience integrating security into CI/CD pipelines and DevOps workflows.
• Experience with container and Kubernetes security.
• Working knowledge of IAM concepts and least-privilege design.
• Strong technical documentation skills.
• Strong communication, problem-solving, and diplomacy skills.
• Familiarity with compliance standards relevant to the cloud (PCI DSS, GDPR, SOC 2).
• Ability to evaluate risk versus implementation speed when selecting tooling.
• Ability to resolve disputes rationally without hierarchical authority.
• Bachelor's Degree in a relevant field.

Nice to have:

• Certifications such as AWS Certified Security – Specialty, AWS Solutions Architect, CCSP, or CompTIA Cloud+/Security+.
• Scripting/automation experience (e.g., Python, Terraform) for security orchestration and infrastructure-as-code.
• Experience with tools like GitHub Advanced Security, AWS Security Hub, Crowdstrike, ArgoCD, Github Actions, Kubernetes, and GRPC.
• Experience with cloud security automation and orchestration (SOAR, policy-as-code).
• Experience with incident response planning and execution in cloud environments.
• Experience working with a remote-first and globally distributed team.
• Experience with Atlassian products (Jira/Confluence).
• Travel industry experience is a plus but not required.

• Secure application stacks running in the cloud across their full lifecycle, from codebase to infrastructure.
• Embed security into CI/CD pipelines, partnering with DevOps and Engineering (SAST, DAST, dependency/SCA, secrets, and IaC scanning).
• Architect, implement, and maintain cloud-native security controls, configurations, and policies (network, encryption, logging).
• Manage Identity and Access Management (IAM) policies, enforcing least privilege across cloud accounts.
• Implement and manage container and Kubernetes security tooling (image scanning, runtime policies, admission controls).
• Monitor cloud infrastructure for threats and anomalies and triage alerts.
• Conduct cloud vulnerability assessments and drive remediation with engineering teams.
• Oversee application security operations, including code analysis tooling and remediation workflows.
• Support incident response and forensics in cloud environments, including scenario testing and runbook updates.
• Author and maintain security documentation, standards, and runbooks.
• Collaborate with cross-functional teams and stakeholders to drive security initiatives company-wide.
• Collaborate on audits, compliance initiatives (PCI Level 1), and third-party security questionnaires.

Cloudbeds is an Equal Opportunity Employer committed to diversity and inclusion. Reasonable accommodations are provided in the hiring process for persons with disabilities, including American Sign Language (ASL) interpreters. Staffing and recruiting agencies are not authorized to submit applications on behalf of candidates.