IT Security Specialist

To apply for this job you must be willing to work in the time zone Lisbon.

This role is based in Portugal. We have an office hub in Porto available for those who prefer a hybrid model where you can spend time with colleagues in-person. You will need to be able to commute to our office hub as required from time to time.

WHO YOU'LL WORK WITH

The IT Security Specialist is responsible for safeguarding Hostelworld’s internal IT estate and external customer-facing services. This role provides technical leadership in security operations, governance, risk, and compliance, and acts as the primary incident commander during security events.
WHAT YOU'LL DO

• Lead security operations (SecOps), including monitoring alerts (SIEM, EDR, anti-phishing), vulnerability management, and patching coordination.
• Embed security reviews into new projects and feature development, ensuring security is integral to all technology initiatives.
• Own and manage security tooling (Eramba, Taegis, Purview, etc.).
• Audit user access privileges, enforcing “Least Privilege” principles.
• Monitor the public internet for brand impersonation
• Review global threat intelligence and security news to proactively adjust defences.
• Develop and deliver security awareness training and education programmes for all staff.
• Manage governance, risk, and compliance (GRC), contributing to ISO-27001 compliance project and conducting security vetting of third-party vendors.
• Support audits (PCI and other regulatory)
• Coordinate incident response and lead table-top exercises to test company resilience.
• Define and implement effective security controls, policies, and systems in collaboration with other teams.

WHAT WE’RE LOOKING FOR

• Deep familiarity (5+ years) with state-of-the-art security software solutions for corporate IT and cloud services. 
• Experience managing outsourced solution vendors, internal staff, and external IT provider partners. 
• Successful track record in delivering support to remote sites and designing IT security solutions for end-user computing, networks, communications infrastructure and cloud-based infrastructure. 
• Experience working with external auditors 
• Strong motivational and people skills, fostering a collaborative and open culture. 
• Excellent organisational and time-management skills, with the ability to manage processes efficiently and deliver objectives with urgency. 
• Commitment to high engineering standards, driving security change and innovation pragmatically. 
• Clear and purposeful communication with stakeholders across the organisation, taking ownership of work and responsibility for outcomes

WHAT WE OFFER

• Competitive salary & benefits 
• Enhanced annual leave plus 3 Wellbeing Days per year 
• Paid family leave (maternity, paternity, surrogacy & adoption) 
• Agile working (plus a Working from Abroad Policy!) 
• Support for your ongoing growth & development 
• Inclusive people policies (sickness, menopause, compassionate and fertility leave) 
• A chance to give back to your local community with 5 paid volunteering days

 

OUR BEHAVIOURS

• Grow others - We fundamentally believe that investing in growing others benefits everyone, whether it's helping them develop hard or soft skills. We want learning and growing to be part of our DNA to help makes us a better team, together.
• Master it - We are obsessed with our area of expertise and enjoy developing our skills. We rarely take things at face value; we investigate, interrogate, and always look for ‘the why,’ and wherever possible, we use data to find the best solution.
• Collaborate - We are in it together, for the tough stuff and the celebrations too. To achieve the best results, we need expertise from all areas of the organisation, and we wholeheartedly welcome diverse thinking.
• Adapt - We work fluidly, adapting to new information and the evolving environment while staying committed to our goals. Innovation and experimentation fuel our projects and we’re never afraid to pivot.
• Deliver - Our focus is always on the end result; we value outcomes over activity. We collaborate to deliver work at speed without dropping any of our other behaviours.

 

We believe in talented and diverse teams that reflect the diversity of our customers and the communities in which we operate. Everyone brings different perspectives and experiences. We lay out the above requirements to guide applicants to the experiences that we believe will allow you to be successful in the role. If you don’t meet them all, please consider applying if you think you can still perform the role as described.