Launched in 1998, this pioneering British-born brand has specialised in creating amazing experiences and unforgettable memories - from hotels, city breaks and holidays to theatre, entertainment and spa days. Experts in brightening up online travel, lastminute.com is among the worldwide leaders in the field, helping hundreds of thousands of customers every year find, and do, "whatever makes them pink".
lastminute.com is the European Travel-Tech leader in the dynamic holiday packages business, uniquely positioned to drive innovation-led growth.
Every month, lastminute.com reaches across all its websites and mobile apps (in 17 languages and 40 countries) 60 million unique users that search for and book their travel and leisure experiences. More than 1,200 people enjoy working with us and contribute to provide our audience with a comprehensive and inspiring offering of travel related products and services.
At the heart of our culture is a commitment of inclusion across race, gender, age sexual orientation, religion, gender identity or expression and accessibility. We strongly believe in an equal opportunity space, which is welcoming and celebrates the uniqueness of everyone who works here. We value different lived experiences and respect viewpoints, as we know unicity drives innovation. We want to make sure our people reflect the communities across the world we help travel.
lastminute.com is looking for an experienced and highly motivated Security Engineeer to join our growing IT Security Team.
For lastminute.com Privacy and Cyber Security are not only a need, but a fundamental pillar of the relationship with our customers, are clearly stated in our ESG principles.
With this approach, the ideal candidate is passionate about cybersecurity and constantly looking for a new way to improve it. He / she has great communication and organizational skills and ideally has previous experience in managing complex projects at international level.
Reporting directly to Chief IT Security Engineer, the Security Engineer is responsible for the definition, implementation, development of security solutions to create and maintain the safest operating environment.
The person will be in charge of ensuring our Systems and Software are designed and implemented with a Security by Design approach to reach the highest security standards. He/she will perform technical security assessments, code reviews and vulnerability testing to highlight risk, supporting lastminute.com tech department in discovering security issues and preserving international security certifications.
Key Responsibilities
Identify and engineer technical solutions to work towards a secure-by-default by switching toward a defensive mindset
Define and improve cyber threat operations model, design and deploy threat-based use cases, integrate technologies, and build processes that cut downtime to detect and respond to threats (eg. SIEM/Data Analytics) or enable other teams to do so.
Create vulnerability management assessments using a risk-based lens and develop technical solutions to help mitigate security vulnerabilities, preserving compliance with regulatory schemas such as PCI DSS and GDPR
Perform technical security assessments, code audits, and design reviews.
Communicate and influence Product teams on assessment outcomes.
Produce metrics and insights to help monitor vulnerability management strategy and programs.
Enable better security decisions with actionable and relevant threat intelligence.
Provide security guidance to the tech organization.
Work with strategic/technology partners and other stakeholders.
Essential
Minimum 3y experience in a similar role
Vulnerability Management and Cyber Threat Intelligence
Security Network architecture
Application Security and DevSecOps
Coding and Scripting experience
SIEM, SOAR, Security Posture Monitoring, and security architectures
Desirable
Incident Response Best Practices
Experience with attacks and mitigation methods
Knowledge of Threat Hunting, Digital Forensics and Malware Analysis, Penetration Testing, and Ethical hacking
Abilities
Solid project management experience in security complex projects, including defining scope, setting project timelines and milestones, driving team and deliverables, identifying risks, and managing issues.
Ability to work collaboratively and independently while managing multiple projects, assignments, and/or responsibilities
By joining our company, you will have the chance to: