Cloud Security Analyst

Remote from
Europe
Annual salary
Undisclosed
Salary information is not provided for this position. Check our Salary Directory to estimate the average compensation for similar roles.
Department
Cybersecurity
Employment type
Full Time,
Job posted
Apply before
10 Aug 2026
Experience level
Senior
Views / Applies
16 / 0

About Cloudbeds

One easy-to-use hospitality management suite that simplifies the working lives of hoteliers and hosts.

Actively Hiring
Verified job posting
This job post has been manually reviewed for authenticity and compliance.

AI Summary

Cloudbeds is seeking a Cloud Security Analyst to join their Security team in a remote role based in Europe. The position involves ensuring security and compliance of cloud systems, working with engineering to embed security into CI/CD pipelines, managing IAM policies, and monitoring cloud infrastructure. The ideal candidate has 5+ years of experience in cloud or application security, with strong AWS knowledge. This role requires a cross-functional mindset and excellent communication skills to collaborate with teams across the organization.

Role DNA

Job Complexity
Easy Hard
Pace & Pressure
Relaxed Fast-paced
Autonomy Level
Guided Full Ownership
Communication Load
Independent Highly Collaborative
AI Insight The role requires advanced technical expertise in cloud security, compliance, and cross-team collaboration, which is challenging but not entry-level.

Salary Analysis

Median Highly Competitive
$125,000
US Market
$100k – 150k
0 $165k
AI Insight The salary range is not specified, but for a Cloud Security Analyst with 5+ years experience, the US market median is around $125,000. This role is remote in Europe, so the compensation may be adjusted based on location.

I am writing to express my interest in the Cloud Security Analyst position at Cloudbeds. With over five years of hands-on experience in cloud and application security, I have a proven track record of securing complex cloud environments and embedding security into development pipelines. At my previous role, I successfully led the implementation of IAM policies and container security tooling, reducing vulnerabilities by 30%.

I am particularly drawn to Cloudbeds' mission of transforming hospitality through technology and your commitment to innovation. My experience with AWS security services, compliance frameworks (PCI Level 1), and incident response aligns well with the responsibilities outlined. I am adept at communicating with diverse stakeholders, from engineering teams to executives, ensuring security is integrated seamlessly.

I am excited about the opportunity to contribute to a remote global team and help secure the platform that powers properties worldwide. Thank you for considering my application.

Can you describe your experience with securing CI/CD pipelines and implementing SAST/DAST tools?
In my previous role, I integrated SAST tools like SonarQube and DAST tools like OWASP ZAP into our Jenkins pipeline. I worked with developers to prioritize and remediate findings, reducing false positives by tuning rules. I also implemented secret scanning with GitGuardian to detect hardcoded credentials.
How would you manage IAM policies to enforce least privilege across AWS accounts?
I would start by auditing existing permissions using AWS IAM Access Analyzer to identify over-privileged roles. Then, I'd create custom policies with condition keys for specific resources. I'd also implement SCPs for organization-wide guardrails and use tools like CloudHealth for continuous monitoring.
Describe a time you handled a security incident in a cloud environment. What steps did you take?
When we detected an anomaly in AWS GuardDuty indicating a potential crypto miner, I isolated the instance by removing its security group. I then captured the instance's snapshot for forensics, reviewed CloudTrail logs, and analyzed the culprit AMI. We patched the vulnerability and updated our runbooks.
How do you stay up-to-date with the latest cloud security threats and best practices?
I regularly follow security blogs like AWS Security Blog, attend webinars by SANS, and participate in cloud security communities on Slack. I also hold certifications like AWS Certified Security Specialty and attend conferences like re:Inforce to learn about emerging threats.
Explain how you would conduct a vulnerability assessment for a Kubernetes cluster. What tools would you use?
I would start with image scanning using Trivy or Clair for container images. Then, use kube-hunter to check misconfigurations and run kube-bench to benchmark against CIS standards. I'd also enable runtime security with Falco for anomaly detection. Finally, I'd prioritize findings and collaborate with DevOps to remediate.

What Makes Us Unique
At Cloudbeds, we’re not just building software, we’re transforming hospitality. Our intelligently designed platform powers properties across 150 countries, processing billions in bookings annually. From independent properties to hotel groups, we help hoteliers transform operations and uplevel their commercial strategy through a unified platform that integrates with hundreds of partners. And we do it with a completely remote team. Imagine working alongside global innovators to build AI-powered solutions that solve hoteliers’ biggest challenges. Since our founding in 2012, we’ve become the World’s Best Hotel PMS Solutions Provider and landed on Deloitte’s Technology Fast 500 again in 2024 – but we’re just getting started. 

Location: Remote – (Europe)

How You’ll Make an Impact: 

As a Cloud Security Analyst on our Security team, you will help deliver an exceptional and secure product experience to our customers all around the world. You will play a crucial role in ensuring the security and compliance of our systems, customers and data. Working on security at Cloudbeds requires an adaptable cross-functional mindset. You should be comfortable talking to individuals at every level and space across the organization, from Engineering to Sales, and even Executives. 

Our Security strategy is to enable the delivery of trusted, scalable, and reliable products leveraging the best of modern technologies, tools, and standards. For the Cloud Security Analyst role, we are looking for someone who can communicate best practices across both a technology and organizational process space. Our best fit team members will have worked with a broad range of compliance regulation standards, application development best practices, and Security frameworks. You will participate in implementation and ongoing monitoring of security tooling at all edges of the security landscape. You will assist with Requests for Proposals from prospective customers, daily monitoring of endpoint detection platforms, conducting Pen-tests, application vulnerability discovery and remediation, compliance requests, company-wide security training programs, and more security owned initiatives! 

Our Security Team:

You will work with the Security team, and help us play our part in reinventing the world of hospitality tech and travel.

What You Bring to the Team:

  • Secure application stacks running in the cloud across their full lifecycle — from the codebase through the underlying infrastructure.
  • Embed security into CI/CD pipelines, partnering with DevOps and Engineering to shift security left (SAST, DAST, dependency/SCA, secrets, and IaC scanning).
  • Architect, implement, and maintain cloud-native security controls, configurations, and policies (network, encryption, logging).
  • Manage Identity and Access Management (IAM) policies, enforcing least privilege across cloud accounts.
  • Implement and manage container and Kubernetes security tooling (image scanning, runtime policies, admission controls).
  • Monitor cloud infrastructure for threats and anomalies (e.g., AWS GuardDuty) and triage alerts across platforms.
  • Conduct cloud vulnerability assessments and drive remediation alongside engineering teams.
  • Oversee application security operations, including code analysis tooling and remediation workflows.
  • Support incident response and forensics in cloud environments, including scenario testing and runbook updates.
  • Author and maintain clear, thorough security documentation, standards, and runbooks.
  • Collaborate with cross-functional teams and multi-level stakeholders to drive security initiatives company wide.
  • Collaborate on audits, compliance initiatives (PCI Level 1), and third-party security questionnaires.

What Sets You Up for Success:

  •  5 years of practical experience in cloud or application security.
  • Hands-on experience securing application stacks deployed in the cloud — both the code and the infrastructure behind it.
  • Strong experience with AWS security services and the ability to design and implement cloud-native controls.
  • Solid software development fundamentals: comfortable reading code, working in a repository, and reasoning about application vulnerabilities (e.g., OWASP Top 10).
  • Practical experience integrating security into CI/CD pipelines and DevOps workflows (SAST, DAST, SCA, secrets, and IaC scanning).
  • Experience with container and Kubernetes security (image scanning, runtime protection, policy enforcement).
  • Working knowledge of IAM concepts and least-privilege design across cloud environments.
  • Strong technical documentation skills — able to write clear standards, runbooks, and policies that engineers will actually use.
  • Strong communication, problem-solving and diplomacy skills. Our teams communicate in English, but few speak it as a first language.
  • Familiarity with compliance standards relevant to the cloud (PCI DSS, GDPR, SOC 2, etc.).
  • Understanding and evaluating short and long term risk vs implementation speed when selecting tooling.
  • Ability to wield security knowledge to resolve disputes rationally without hierarchical authority
  • A Bachelor’s Degree in a relevant field

Bonus Skills to Stand Out:

  • Certifications such as AWS Certified Security – Specialty, AWS Solutions Architect,
  • CCSP, or CompTIA Cloud+/Security+.
  • Scripting/automation experience (e.g., Python, Terraform) for security orchestration and infrastructure-as-code.
  • Direct experience with tools like GitHub Advanced Security, AWS Security Hub,
  • Crowdstrike, ArgoCD, Github Actions, Kubernetes, and GRPC.
  • Experience with cloud security automation and orchestration (SOAR, policy-as-code).
  • Experience with incident response planning and execution in cloud environments.
  • Experience working with a remote-first and globally distributed team.
  • Experience with Atlassian products [Jira/Confluence].
  • Travel industry experience is a plus but definitely not required.

#LI-IK1

 

What to Expect – Your Journey with Us
Behind Cloudbeds’ revolutionary technology is a team of redefining what’s possible in hospitality. We’re 650+ employees across 40+ countries, bringing together elite engineers, AI architects, world-class designers, and hospitality veterans to solve challenges others haven’t dared to tackle. Our diverse team speaks 30+ languages, but we all share one language: a passion for innovation and travel. From pioneering breakthroughs in machine learning to revolutionizing how hotels operate, we’re not just watching the future of hospitality unfold – we’re coding it, designing it, writing it, and shipping it. If you’re ready to work alongside some of the brightest minds in tech who are obsessed with using AI to transform a trillion-dollar industry, this is your chance to be part of something extraordinary.
Learn more online at cloudbeds.com
Company Awards to Check Out! 

  • Best All-In-One Hotel Management System | HotelTechAwards (2025)
  • Overall 10 Best Places to Work | HotelTechAwards (2025)
  • Most Loved Workplace® Certified (2024) 
  • Top 10 People’s Choice(2024)
  • Deloitte Technology Fast 500 (2024)

Discover our Benefits:

  • Remote First, Remote Always 
  • PTO in accordance with local labor requirements
  • Monthly Wellness Fridays – enjoy an extra long weekend every month
  • Full Paid Parental Leave
  • Home office stipend based on country of residency
  • Professional development courses in Cloudbeds University
  • Access to professional development, including manager training, upskilling and knowledge transfer.

Everyone is Welcome – A Culture of Inclusion

Cloudbeds is proud to be an Equal Opportunity Employer that celebrates the diversity in our global team! We do not discriminate based upon race, religion, color, national origin, gender (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender identity, gender expression, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics.
Cloudbeds is committed to the full inclusion of all qualified individuals. As part of this commitment, Cloudbeds will ensure that persons with disabilities are provided reasonable accommodations in the hiring process. We encourage deaf, hard of hearing, deaf-blind, and deaf-disabled individuals to apply. If reasonable accommodation is needed to participate in the job application or interview process or to perform essential job functions, please contact our HR team by phone at (858) 201-7832 or via email at accommodations@cloudbeds.com. Cloudbeds will provide an American Sign Language (ASL) interpreter where needed as a reasonable accommodation for the hiring processes.
To all Staffing and Recruiting Agencies: Our Careers Site is only for individuals seeking a job at Cloudbeds. Staffing, recruiting agencies, and individuals being represented by an agency are not authorized to use this site or to submit applications, and any such submissions will be considered unsolicited. Cloudbeds does not accept unsolicited resumes or applications from agencies. Please do not forward resumes to our jobs alias, Cloudbeds employees, or any other company location. Cloudbeds is not responsible for any fees related to unsolicited resumes/applications.
#LI-REMOTE

Apply now >

This job listing has been manually reviewed by the Jobicy Trust & Safety Team for compliance with our posting guidelines, including verification of the company's legitimacy, accuracy of job details, clarity of remote work policy, and absence of misleading or fraudulent content.

How to apply

Did you apply? Let us know, and we’ll help you track your application.

See a few more

Similar Cybersecurity remote jobs

Jobs Talent Salaries
Menu