Cyber Security Operations Specialist

Summary

Join Hostaway, a leading SaaS company in the vacation rental industry, as a fully remote Cyber Security Operations Specialist based in Latin America (UTC-3 to UTC-6). Drive the technical and procedural aspects of security operations, monitoring and optimizing security tools, and proactively mitigating threats. Respond to incidents, collaborate with teams, and develop and refine security processes, including incident response playbooks and vulnerability management workflows. Analyze bug bounty submissions, conduct threat hunting, and ensure security is integrated into daily business operations. This role is crucial to Hostaway's continued growth and offers competitive compensation, equity, and professional development opportunities.

Requirements

• 5+ years of experience in security, with a focus on cyber security operations
• Hands-on experience with security tools such as EDR, MDM, IAM, SIEM, Cloud Security Posture Management (CSPM)
• Strong understanding of incident detection, response, and root cause analysis for threats, including malware, phishing, and data breaches
• Experience developing, documenting, and maintaining security processes, incident response playbooks, and operational runbooks to ensure consistency and continuous improvement
• Experience in vulnerability management: prioritizing CVEs, tracking patching SLAs, validating fixes, and enforcing baseline configurations (e.g., CIS benchmarks for cloud and endpoints)
• Proficiency in monitoring, tuning, and integrating security tools such as EDR, XDR, IdP, Email Security, DLP, and Mobile Device Management
• Ability to manage user access controls, conduct periodic reviews, enforce MFA and privileged access policies, and support technical evaluations to prevent privilege misuse

Responsibilities

• Monitor and optimize a suite of security tools
• Proactively take actions to keep us safe
• Respond to incidents
• Collaborate with teams to ensure security is integrated into our daily business
• Develop, document, and refine processes like incident response playbooks, vulnerability management workflows, and user access audits for offboarding compliance
• Ensure our approach is consistent, auditable, and continuously improving
• Proactively defend against threats while building a mature, process-driven security culture
• Start your day with personal time to review overnight alerts and events from tools like EDR, MDM and IdP
• Check for any critical incidents or trends that may require immediate attention
• Join the daily team sync for 15 minutes
• Share priorities, escalate blockers or urgent findings, and align on the day's focus areas
• Address any critical or urgent matters first: triage and respond to high-priority incidents, coordinate immediate containment or remediation actions, and update incident response documentation as needed
• Follow up with stakeholders (engineering, IT, operations, business units) on the status of open vulnerabilities, patching progress, and access reviews
• Track remediation SLAs and ensure accountability for outstanding issues
• Work on improving and maintaining security processes: update playbooks, refine response procedures, and document lessons from recent incidents for continuous improvement
• Analyze new bug bounty submissions and coordinate with engineering to plan and verify fixes
• Monitor and tune security tools (e.g., SIEM, EDR, MDM) for new alerts, misconfigurations, or suspicious activity
• Schedule or review phishing simulations and assign targeted training if needed
• Conduct proactive threat hunting in SIEM logs and threat intelligence feeds, looking for indicators of compromise or emerging attack patterns
• Document the day's investigations, update incident and vulnerability records, and prepare summary reports for compliance needs
• Support the team and stakeholders, automate repetitive tasks, and work on process improvements

Benefits

• Competitive Compensation: We offer competitive pay based on market rates in the country of the applicant
• 100% Remote: Enjoy the freedom to work from anywhere within your country of residence—be it a co-working space, your home office, or even your dining room table
• Equity: Every role in our company comes with valuable stock options in a fast-growing and profitable company
• Values-Driven Leadership: Our Core Values are not just words we’ve written to make us feel good
• Professional Growth: Our rapid growth offers unparalleled learning and development opportunities, along with a multitude of career advancement opportunities
• Annual Paid Leave: The specific amounts vary by country and are aligned with country and/or contract-specific norms
• Geographic Specific Benefits: As an international employer, we offer different country-specific benefits such as Health Insurance and Pensions in countries where these perks are customary