View Our Website View All Jobs

IT Security Analyst

People are at the core of Fareportal. We are one of the fastest growing travel technology companies in the world; our portfolio of travel brands, including flagship product CheapOair, receives over 100 million visitors annually.    

The IT Security analyst reports to the Security Operations Lead and will be the primary resource to manage and provide security operations, incident response management, access control, security general computing, security tools event  monitoring, and vulnerability mitigation. This role will be heavily engaged in the ensuring security compliances (e.g ISO 27001, PCI-DSS, security audits and risk remediation) as well as cyber security threat assessment and coordination.

Responsibilities

  • Monitor security event queues and recommend improvements based on events or incidents of security breaches in the areas of networks, applications, databases, systems, and endpoints.
  • Identify, categorize, prioritize and investigate correlated events.
  • Assist Fareportal’s IRT (Incident Response Team) and IT Infrastructure teams with device event correlation.
  • Perform investigation and triage of events and incidents and escalate according to SOCs SLAs.
  • Maintain and enhance the data encryption across the whole environment
  • Ensure security controls are in place for the site and compliance to security frameworks (e.g. ISO 27001, PCI-DSS etc.)
  • Ensure security awareness on the site by conducting security trainings and other innovative methods. 
  • Conduct security audits for the site and report non-compliances to security leadership.
  • Proactive engagement in the cyber security threat assessments. Document investigation results and provide relevant details for final analysis.
  • Support web Content Filtering Analysis, Development and Testing
  • Develop security technical documentation for internal and external use, 
  • Coordinate with site head and IT teams to fix highlighted security gaps.
  • Promote information security as an inherent part of the corporate culture.
  • Develop and effectively execute security project plans, work breakdown structure and task dependencies, communication plans, etc. as needed

Requirements

  • Minimum of 4-6  years of progressive experience in information and cyber security and  audit compliance, with specific focus on security tools and  frameworks of  security assessments like ISO 27001 and PCI-DSS.
  • Bachelor’s / Master's degree required.
  • Require understanding of Information Security practices for the network, servers, databases, applications, and advanced use of Information Security assessment techniques.
  • Working knowledge of network security tools, software development methodologies and practices, audit methodologies and security assessment tools, Application Security principles and protection mechanisms.
  • Methodical and organized, able to manage multiple opportunities, projects, and partners concurrently.
  • Excellent written and oral communication skills, can express thoughts clearly, knows how to listen and is able to contribute in a team environment.
  • Desired certificatoins: Certified Information System Auditor (CISA), Internal Security Assessor (ISA), Certified Information Systems Security Professional (CISSP), Certified Information Security Manager ( CISM), SANS GCIH or CEH, Information Systems Security Management Professional (ISSMP), SANS, NSA

What we offer:

  • Competitive base salary
  • All benefits required by Mexican law: vacation time, vacation prime, Sunday and holiday prime, Christmas bonus, IMSS, INVFONAVIT and FONACOT
  • 2 days off, per week
  • Fun team environment
Read More

Apply for this position

Required*
Apply with Indeed
Attach resume as .pdf, .doc, or .docx (limit 2MB) or Paste resume

Paste your resume here or Attach resume file

150
Human Check*