Description
Guesty is the all-in-one platform helping hospitality businesses around the world automate, optimize, and scale their operations. We’re a fast-growing global startup that’s transforming how the industry works — from guest experience to business growth.
With a powerful suite of features and integrations with 150+ industry partners — including Airbnb, Vrbo, Booking.com, Expedia, Google Travel, and many more — Guesty empowers property managers to deliver top-tier guest experiences while running more efficient, data-driven operations.
We’re proud to have over 900+ team members across 16 countries worldwide, all working together to build the future of hospitality technology.
If you’re looking to grow your career in a dynamic, global, and impact-driven environment, we’d love to hear from you.
We are looking for a Senior Cybersecurity Engineer to join our team.
As a Senior Cybersecurity Engineer, you are the architect and the guardian of our digital fortress. This role isn't just about reacting to threats; it’s about anticipating them, building resilient systems, and mentoring the next generation of defenders. You will bridge the gap between high-level security strategy and hands-on technical execution.
The Ideal Candidate is someone who thinks like an attacker but builds like an engineer. You don't just find a hole; you understand the systemic reason it existed and fix the process. You can explain a complex "Man-in-the-Middle" attack to a CEO without making their head spin, and you stay calm when the "Critical" alerts start firing on a Friday afternoon.
Proactiveness as a way of life - always think what the next attack vector will be, and where we should invest our efforts to prevent the next attack.
Success in this role is measured by a reduction in Mean Time to Detect (MTTD) and Mean Time to Respond (MTTR), as well as the successful hardening of our CI/CD pipelines.
Responsibilities
Responsibilities:
- Security Architecture & Design: Lead the design and implementation of robust security infrastructures across cloud (AWS/Azure/GCP) and on-premise environments.
- Incident Response & Forensics: Act as a Tier 3 escalation point for security breaches. Lead post-mortem analyses to ensure "lessons learned" become "vulnerabilities patched."
- Engineering & Automation: Develop automated scripts (Python, Bash, or PowerShell) to streamline security monitoring and incident response workflows.
- Vulnerability Management: Oversee continuous scanning, penetration testing coordination, and the remediation of discovered weaknesses.
- Compliance & Governance: Ensure our systems align with industry standards such as ISO 27001, SOC2, NIST, or HIPAA.
- Mentorship: Provide technical leadership to junior engineers and conduct security awareness training across the organization.
Requirements
Requirements:
- At least 5 years of experience as a cybersecurity engineer in a cloud-based environment, with vast hands-on experience
- Network Security: Firewalls (Palo Alto/Cisco), IDS/IPS, VPNs, Zero Trust Architecture.
- Cloud Security: IAM policies, KMS, CloudTrail, Container Security (Kubernetes/Docker).
- Tools: SIEM (Splunk/Sentinel), EDR (CrowdStrike/SentinelOne), Wireshark, Metasploit.
- DevSecOps: Integrating security into CI/CD pipelines (GitHub Actions, Jenkins), managing the bug bounty program, validating the findings, and working with the teams to resolve the findings.
- Compliance and GRC: Experience with audit processes such as SOC2 Type 2 and PCI-DSS, using compliance management platforms (Vanta / Scytale)
- Certifications: CISSP, CISM, CEH, or AWS Certified Security Specialty.
Guesty is proud to be an Equal Opportunity Employer. We provide equal employment opportunities to all employees and applicants regardless of race, color, religion, sex, age, national origin, disability, veteran status, pregnancy, sexual orientation, or any other characteristic protected by law.