Security Analyst

About Us G Adventures is the world’s largest small-group adventure travel company and we’ve been making epic travel memories happen on all seven continents for over 30 years.Our mission is simple: to change lives through travel. And not just our travelers’ either. Since day one, our tours have been built to establish meaningful relationships with local communities, directly benefiting the people and places we visit at every step of our tours.With the demand for travel coming back strong, we are set up and excited for this next chapter in our company’s story — and we’d love for you to be a part of it.Our DNA revolves around building, nurturing, and developing a diverse culture of people and a true sense of belonging, where everyone is encouraged to bring their authentic self to work each and every day. You’ll have the opportunity to grow your career, and yourself, alongside a passionate, talented, and welcoming community that works hard to spread goodness around the world.If all that sounds like your kind of thing, well, we can’t wait for you to join us. About The Role The Security Analyst is responsible for protecting the organization's systems, digital identities, and data from cyber threats through proactive monitoring, threat detection and incident response. This role involves collaborating with cross-functional teams to implement and maintain secure systems, conducting vulnerability assessments and ensuring compliance with industry standards and regulations. It also plays a key role in developing and refining security policies, incident response plans and disaster recovery procedures, while continually improving the organization's overall security posture. This is a hybrid role based out of South Africa, where a minimum number of days as set by the region, is required in the Cape Town office. What You'll be Doing Threat Detection, Monitoring & Incident Response Monitor and analyze security logs, alerts, and vulnerabilities in real time to detect anomalous or malicious activity. Analyze identity-related security events (e.g., impossible travel, session hijacking, brute force attempts) within Okta and correlated SIEM logs. Oversee alert management, including triaging and escalation processes for on-call coverage. Develop and maintain use cases, detection rules, and alerts in security monitoring platforms (e.g., SIEM) to enhance visibility and coverage. Configuration and tuning to ensure the SIEM is ingesting signals from all relevant sources, including Identity Provider (IdP) logs. Identify and assess threat campaigns and suspicious activity, leading or supporting investigations into security breaches, policy violations, identity compromise events and anomalous behavior. Coordinate incident response processes, perform root cause analysis, and recommend long-term mitigations to prevent recurrence. Develop and maintain runbooks for common incident scenarios, including account takeover and credential compromise. Participate in proactive defense initiatives, including blue-team exercises, tabletop simulations, and security audits, to improve preparedness and identify potential threats. Provide clear, actionable insights to relevant teams to support timely prevention, detection, and resolution of security incidents. Security Operations, Risk Management & Compliance Conduct comprehensive network and system vulnerability assessments, track identified vulnerabilities throughout their lifecycle, and coordinate timely remediation and follow-up with responsible teams. Ensure patch management processes are executed promptly in coordination with impacted stakeholders. Manage and secure the Okta IdP environment, including configuration of policies for MFA, SSO, and Adaptive Authentication. Oversee Identity Lifecycle Management (provisioning/deprovisioning) to ensure least-privilege access and prevent unauthorized access. Implement and tune Identity Threat Protection mechanisms to block high-risk sign-in attempts automatically. Track new vulnerability lifecycle from discovery to closure. Implement, configure, tune, and manage security tools and solutions, including EDR platforms, firewalls, and IDS/IPS systems, to align with organizational needs and security standards. Continuously review and update internal security policies, incident response procedures, and disaster recovery plans to reflect evolving threats and compliance requirements. Conduct risk assessments of systems, services, and third-party tools, and collaborate with leadership to implement new security initiatives, frameworks, and compliance controls. Monitor and maintain adherence to regulatory and industry-standard security frameworks through internal audits and control tests. Evaluate and test disaster recovery and data backup plans to ensure operational effectiveness. Conduct access review of high-risk applications. Support penetration testing efforts and coordinate remediation of findings. Run internal phishing simulations and support company-wide security awareness and training initiatives. Collaboration, Communication & Knowledge Sharing Partner with infrastructure, engineering, and compliance teams to implement secure solutions and ensure secure system design. Provide guidance and support to team members during complex security challenges, and document operational procedures, tools, and incident handling processes to enable knowledge transfer and skills development. Collaborate with IT and HR teams to automate and secure onboarding and offboarding workflows within Okta. Communicate security risks, incidents, and prevention strategies effectively to technical and non-technical stakeholders, and serve as a point of contact for employee-reported security issues, escalating as appropriate. Security Asset & Policy Management Maintain an up-to-date inventory and documentation of critical security tools, systems, processes, and policies, ensuring they are operational, accurate, and accessible for cybersecurity and incident management purposes. Ensure all security controls, procedures, and technologies are aligned with organizational policies and regulatory requirements. Skills & Experience 3+ years of experience in a cybersecurity or security analyst role. Industry security certifications would be a plus: CompTIA Security+, CompTIA CySA+, ISC2 SSCP, CISSP, AWS Cloud Practitioner, AWS Solutions Architect. Hands-on experience with incident response, including investigating and resolving cyber security breaches. In-depth knowledge of cloud architecture and security, specifically with AWS and Azure. Familiarity with cloud-native security monitoring tools e.g. GuardDuty, Security Hub, Azure Sentinel. Proven experience administering and securing Okta environments (Workforce Identity, Universal Directory, MFA, Lifecycle Management). Hands-on experience with Identity Protection strategies, including Conditional Access policies and detecting identity-based attacks. Experience with endpoint security in Windows and Mac environments. Demonstrated experience in vulnerability management, including patching and remediation efforts. Proven track record of monitoring and managing security incidents, ensuring rapid response and compliance with security protocols. Practical experience working with security frameworks such as OWASP, MITRE ATT&CK, NIST, SOC2, and ISO27001. Expertise in using and managing cybersecurity tools like EDR, WAF, SIEM, Log Management, and Cloud Security Platforms. Advanced understanding of computer networking protocols such as TCP/IP, OSI, DNS, SSL/TLS, HTTP/S, and SAML. Proficiency in conducting security assessments, including vulnerability scanning, penetration testing and security risk analysis Skilled in web application security testing, network intrusion detection, data protection and security monitoring tools. Excellent communication skills, with the ability to explain complex technical concepts to non-technical stakeholders. Highly organized, with the ability to handle competing priorities and deadlines in a fast-paced environment. Strong critical thinking and problem-solving abilities, capable of identifying issues and proposing effective solutions under pressure. Ability to collaborate effectively with both technical and non-technical teams, ensuring clear and actionable communication. What do we offer you? Competitive salary commensurate with the role Competitive benefits package Birthday day off Vacation time for you to recharge Enhanced Parental Leave Learning and growth opportunities Employee Resource Groups *Applicable based on location* G Adventures is an equal opportunity employer committed to fostering a diverse and inclusive work environment. We consider all qualified applicants. #J-18808-Ljbffr