PentesterHBX is the world’s leading technology partner, connecting and empowering the world of travel. We’re game-changers, disruptors, the people who bring together local and global brands in accommodation, transport, activities and payments through our network of 300,000 hotels worldwide, 60,000 hard to reach high value clients such as tour operators, travel agents and loyalty schemes across 140 source markets. We are tech-driven, with a customer-first philosophy, and commercial teams whose knowledge and relationships on the ground are second to none. And of course we have an amazing team! Our people, Team Hotelbeds, are the beating heart of the company who we encourage to ‘move fast, dream big and make the difference’ every day. In fact, we believe that it is tech + data + people that truly sets us apart in the market, alongside our ‘global approach, local touch’ mentality. We’re headquartered in Palma, Mallorca and employ around 3,500 people worldwide. PentesterTechnical assessment, implementation and maintenance of the security of the overall services at HBX, including services provided to customers, internal services and development processes. The main tasks include providing security guidelines, defining a robust CI/CD pipeline, allowing code to be validated for quality and security as well as deployed in a continuous fashion, and improving collaboration and productivity of software development teams in a secure way, among others.Pentest and threat investigation:Identify cyber security threats, identify the real impact and assist to fix it and perform technology watch related to industry trends, best practices, and competition.Vulnerability assessment:Recognizes the latest vulnerabilities and how quickly they could be resolvedSecurity training: Define security guidelines and deploy awareness programs to users and devops teamsDevOps Support:Support multiple agile teams across various platforms, environments, and instances about securitySecurity Configuration:Define and implement security best practices guidelines, including security best practices in the development life cycle and hardening configuration managementCode analysis:Design and implement secure automation solutions for development, testing, and production environments. Including pipelines end-to-end, from code commits to productionAutomation:Designnd implement secure automation solutions for development, testing, and production promotion including vulnerability scans and pentests What you will bringKnowledge of threat modelling and risk assessment techniquesUp-to-date knowledge of cybersecurity threats, current best practices and latest software.Prior experience in a Security role and / or Delivery areas.Experience and knowledge of programming languages and automation tools.Knowledge of the DevOps and Agile culture and principles.Knowledge about Kubernetes, Docker and Cloud environments AWS / GCP / Azure