About Us

Let’s go on an adventure together!

Hey there, we’re G Adventures. We’re one of the world’s leading small group travel companies, and we’ve always believed that travel isn’t just about where you go — it’s about how it changes you.

For the last 35 years, we’ve set out to do things differently. No cookie-cutter tours. No giant buses or cruise ships. And not to mention, as few selfie sticks as possible. Just real humans, travelling your heart out across the world with open minds and a non-stop desire to make our planet better, simply by exploring it. 

At G Adventures, our DNA (or GNA, if you will) is built on belonging — where bringing your authentic self to work every day isn’t just accepted, it’s downright celebrated. For our office crew — you wanna rock a t-shirt with your dog’s face on it? We say go for it. For our Chief Experience Officers —  you wanna hit the road and call some of the most epic places on Earth your home office? We love that — and we’ve got you. Wanna spend your days with people you genuinely like? Us too — and we’re pretty sure you’ll fit right in, wherever that is. 

Now about that career of yours — this is the kind of place where you can spread your wings and truly grow into your role. The best part? You get to do it all alongside a passionate, freakishly talented, one-of-a-kind bunch excited to produce top-notch work and spread a ridiculous amount of goodness at the same time. 

Feel like this could be the right fit? We think so too, and we’re already way too excited to meet you. 

About The Role

The Security Analyst is responsible for protecting the organization's systems, digital identities, and data from cyber threats through proactive monitoring, threat detection and incident response. This role involves collaborating with cross-functional teams to implement and maintain secure systems, conducting vulnerability assessments and ensuring compliance with industry standards and regulations. It also plays a key role in developing and refining security policies, incident response plans and disaster recovery procedures, while continually improving the organization's overall security posture.

This is a hybrid role based out of South Africa, where a minimum number of days as set by the region, is required in the Cape Town office.

What You'll be Doing

Threat Detection, Monitoring & Incident Response

• Monitor and analyze security logs, alerts, and vulnerabilities in real time to detect anomalous or malicious activity.

• Analyze identity-related security events (e.g., impossible travel, session hijacking, brute force attempts) within Okta and correlated SIEM logs.

• Oversee alert management, including triaging and escalation processes for on-call coverage.

• Develop and maintain use cases, detection rules, and alerts in security monitoring platforms (e.g., SIEM) to enhance visibility and coverage.

• Configuration and tuning to ensure the SIEM is ingesting signals from all relevant sources, including Identity Provider (IdP) logs.

• Identify and assess threat campaigns and suspicious activity, leading or supporting investigations into security breaches, policy violations, identity compromise events and anomalous behavior.

• Coordinate incident response processes, perform root cause analysis, and recommend long-term mitigations to prevent recurrence.

• Develop and maintain runbooks for common incident scenarios, including account takeover and credential compromise.

• Participate in proactive defense initiatives, including blue-team exercises, tabletop simulations, and security audits, to improve preparedness and identify potential threats.

• Provide clear, actionable insights to relevant teams to support timely prevention, detection, and resolution of security incidents.

Security Operations, Risk Management & Compliance

• Conduct comprehensive network and system vulnerability assessments, track identified vulnerabilities throughout their lifecycle, and coordinate timely remediation and follow-up with responsible teams.

• Ensure patch management processes are executed promptly in coordination with impacted stakeholders.

• Manage and secure the Okta IdP environment, including configuration of policies for MFA, SSO, and Adaptive Authentication.

• Oversee Identity Lifecycle Management (provisioning/deprovisioning) to ensure least-privilege access and prevent unauthorized access.

• Implement and tune Identity Threat Protection mechanisms to block high-risk sign-in attempts automatically.

• Track new vulnerability lifecycle from discovery to closure.

• Implement, configure, tune, and manage security tools and solutions, including EDR platforms, firewalls, and IDS/IPS systems, to align with organizational needs and security standards.

• Continuously review and update internal security policies, incident response procedures, and disaster recovery plans to reflect evolving threats and compliance requirements.

• Conduct risk assessments of systems, services, and third-party tools, and collaborate with leadership to implement new security initiatives, frameworks, and compliance controls.

• Monitor and maintain adherence to regulatory and industry-standard security frameworks through internal audits and control tests.

• Evaluate and test disaster recovery and data backup plans to ensure operational effectiveness.

• Conduct access review of high-risk applications.

• Support penetration testing efforts and coordinate remediation of findings.

• Run internal phishing simulations and support company-wide security awareness and training initiatives.

Collaboration, Communication & Knowledge Sharing

• Partner with infrastructure, engineering, and compliance teams to implement secure solutions and ensure secure system design.

• Provide guidance and support to team members during complex security challenges, and document operational procedures, tools, and incident handling processes to enable knowledge transfer and skills development.

• Collaborate with IT and HR teams to automate and secure onboarding and offboarding workflows within Okta.

• Communicate security risks, incidents, and prevention strategies effectively to technical and non-technical stakeholders, and serve as a point of contact for employee-reported security issues, escalating as appropriate.

Security Asset & Policy Management

• Maintain an up-to-date inventory and documentation of critical security tools, systems, processes, and policies, ensuring they are operational, accurate, and accessible for cybersecurity and incident management purposes.

• Ensure all security controls, procedures, and technologies are aligned with organizational policies and regulatory requirements.

Skills & Experience

• 3+ years of experience in a cybersecurity or security analyst role.

• Industry security certifications would be a plus: CompTIA Security+, CompTIA CySA+, ISC2 SSCP, CISSP, AWS Cloud Practitioner, AWS Solutions Architect.

• Hands-on experience with incident response, including investigating and resolving cyber security breaches.

• In-depth knowledge of cloud architecture and security, specifically with AWS and Azure.

• Familiarity with cloud-native security monitoring tools e.g. GuardDuty, Security Hub, Azure Sentinel.

• Proven experience administering and securing Okta environments (Workforce Identity, Universal Directory, MFA, Lifecycle Management).

• Hands-on experience with Identity Protection strategies, including Conditional Access policies and detecting identity-based attacks.

• Experience with endpoint security in Windows and Mac environments.

• Demonstrated experience in vulnerability management, including patching and remediation efforts.

• Proven track record of monitoring and managing security incidents, ensuring rapid response and compliance with security protocols.

• Practical experience working with security frameworks such as OWASP, MITRE ATT&CK, NIST, SOC2, and ISO27001.

• Expertise in using and managing cybersecurity tools like EDR, WAF, SIEM, Log Management, and Cloud Security Platforms.

• Advanced understanding of computer networking protocols such as TCP/IP, OSI, DNS, SSL/TLS, HTTP/S, and SAML.

• Proficiency in conducting security assessments, including vulnerability scanning, penetration testing and security risk analysis

• Skilled in web application security testing, network intrusion detection, data protection and security monitoring tools.

• Excellent communication skills, with the ability to explain complex technical concepts to non-technical stakeholders.

• Highly organized, with the ability to handle competing priorities and deadlines in a fast-paced environment.

• Strong critical thinking and problem-solving abilities, capable of identifying issues and proposing effective solutions under pressure.

• Ability to collaborate effectively with both technical and non-technical teams, ensuring clear and actionable communication.

What Do We Offer You?

• Competitive Total Rewards Package, including exclusive travel perks!

• Additional days off, including on your birthday!

• Vacation time for you to recharge

• Enhanced Parental Leave

• Meaningful Employee Recognition Program

• Learning and Growth Opportunities

• Employee Resource Groups

*Applicable based on location*

Please note that Artificial Intelligence (AI) is used in the selection or interview process.

G Adventures is an equal opportunity employer committed to fostering a diverse and inclusive work environment. We consider all qualified applicants.