Hyatt Hotels Corporation.
Chicago, IL, United States
Mar 16, 2023
Jun 29, 2023
Lead Analyst Cyber Security Operations (Remote Opportunity) (CHI012884)
The Opportunity
Hyatt seeks an enthusiastic Lead Analyst - Cyber Security Operations to join our Cyber Security Operations intelligence team where you’ll join a department of 26 field professionals who love what they do. In this role, you will be collaborating closely with the broader Global Digital & Technology team where you’ll be instrumental in continuing to make Hyatt a leading hospitality company. You’ll be part of a team that is passionate about diversity, equity, and inclusion, nurturing curiosity and new skills and building connections across the organization with stakeholders, colleagues, and guests.
Who We Are
At Hyatt, we believe in the power of belonging and cultivating a culture of care where our colleagues become family. Since 1957, our colleagues and our guests have served as the heart of our business and made Hyatt one of the best hospitality brands in the world, with more than 1,200 hotel, all-inclusive, and wellness resort properties in 71 countries across six continents. As we continue to grow, we never lose sight of what’s most important: People.
We are in a time of extraordinary transformation. Passion for personal travel combined with the explosive growth of the global business has underpinned our growth for years. Hyatt is at the epicenter of the evolution of travel—and we are looking for passionate changemakers to be a part of our journey. At the heart of Hyatt is our shared belief that hospitality is more than just a job—it’s a career for people that care.
How We Care for Our People
Well-being is the ultimate realization of our purpose — we care for people so they can be their best. We believe this focus on our colleagues is the key to our success and we’ve earned a place on Fortune’s prestigious “100 Best Companies to Work For®” for the last eight years, ranking No. 16 in 2022.
We’re proud to offer exceptional corporate benefits which include:
•Annual allotment of free hotel stays at Hyatt hotels globally
•Flexible work schedule and location
•Work-life benefits including well-being initiatives such as a complimentary Headspace subscription, and a discount at the on-site fitness center
•A global family assistance policy with paid time off following the birth or adoption of a child as well as financial assistance for adoption
•Paid Time Off, Medical, Dental, Vision, 401K with company match
Our Commitment to Diversity, Equity, and Inclusion
Our success is underpinned by our diverse, equitable, and inclusive culture. We are committed to diversity across the board—from whom we hire and develop, the organizations we support, and whom we buy from and work with.
Being part of Hyatt means always having space to be you. Our global teams are a mosaic of cultures, ethnicities, genders, ages, abilities, and identities. We constantly strive to reflect the world we care for with teams that achieve and grow together. To learn more about our commitments to DE&I, please visit the Why Hyatt section of the Hyatt career page.
Who You Are
As our ideal candidate, you understand the power and purpose of our Culture of Care and embody our core values of Empathy, Inclusion, Integrity, Experimentation, Respect, and Well-being. You enjoy working with a close fun team, are results-driven, and want a variety of opportunities to develop personally and professionally.
At Hyatt Hotels, Cyber Security is an essential component of our mission to take care of people so they can be their best. The Lead Analyst - Cyber Security Operations will play a crucial role in advancing Hyatt's mission, working to extend cyber security protections to our Franchise hotels and managing the vast amounts of security log data Hyatt collects globally. As the most senior individual contributor on the Cyber Security Operations team, the Lead Analyst will supervise Franchise Managed Security Service Provider (MSSP) detections and engagement and will be responsible for managing Hyatt's own Security Incident and Event Monitoring (SIEM) infrastructure. This highly technical role will have a high degree of visibility throughout the organization and will have a deeply meaningful impact on the safety and security of guest and colleague data.
•Supervise Hyatt's technical relationship with third-party Managed Security Service Providers (MSSP) that provide security services to our portfolio of Franchise hotels, ensuring the MSSP appropriately detects and responds to security events affecting Franchise hotels according to established SLAs.
•Responsible for data management of Hyatt's Security Incident and Event Monitoring (SIEM) platform. Manage existing ingestions and create new log ingestions on demand, tune alerts and correlation searches, and update field parsing as required.
•Develop and update Splunk dashboards, notable events, visualizations, forms, reports, and alerts, as well as Splunk Apps and Technology Add-ons, and normalize data sources to the Common Information Model (CIM).
•Perform proactive threat hunting searches looking for signs of intrusion in both the Hyatt and Hyatt Franchise environments.
•Act as senior-most resource for both the in-house Security Operations team and for third-party MSSP services. Develop intimate knowledge of the computing environment and use that knowledge to differentiate legitimate from illegitimate behaviors.
•Prepare and present updates for senior leadership on threat detection program performance and review past incident response performance with Security Operations team to identify potential program improvements.
•The role rotates week-long 24x7 On-Call support with fellow team members.
•Demonstrate a commitment to Hyatt core values.
•Minimum of ten years’ experience in Cyber Security Engineering, Operations, or Incident Response preferred; however, any combination of experience, education, and certification that demonstrates the candidate can be successful in the position is acceptable.
•Experience working with Security Incident and Event Monitoring (SIEM) software required.
•Experience working with a third-party Managed Security Service Provider (MSSP) required.
•Experience working in an organization with a Franchise model preferred.
•Familiarity with cutting-edge security technologies such as Zero-Trust Network Access, Passwordless Authentication, Endpoint Detection and Response, and Security Incident and Event Management required.
•Experience working in a high-intensity threat actor environment preferred.
•Experience preparing and presenting status updates for executive leadership preferred.
•Experience reviewing and updating Cyber Security Incident Response documentation required.
•Proficient with recognizing and onboarding new data sources into Splunk, analyzing the data for anomalies and trends, and building dashboards highlighting the key trends of the data.
•Familiarity with threat hunting and adversary tactics and techniques (i.e., MITRE ATT&CK)
•Knowledge of information systems terminology, controls, and practices.
•Proactive self-starter with ability to work independently and as part of a larger team.
•Strong verbal and written communication and presentation skills.
•Ability to effectively interact with different areas and levels of the organization, including executive leadership.
•A Bachelor’s degree or better in Cyber Security, Information Systems, or any other security-related subject is preferred; however, any combination of education, experience, and certification that demonstrates the candidate can be successful in the position is acceptable.
Certificates, Licenses, Registrations
•GIAC - Global Certified Incident Handler (GCIH), or any of the equivalent EC-Council, GIAC, ISC2 or ISACA certifications are preferred.
•Splunk Power User or Splunk Admin certifications are preferred.
•Any combination of certifications, education, and experience that demonstrates the candidate can be successful in the position is acceptable.
Computer Skills Needed to Perform this Job
•Experience with EDR products like CrowdStrike, SentinelOne, Palo Alto & FireEye.
•Experience with Splunk Enterprise & Enterprise Security engineering and content development.
•Experience with Linux systems.
•Experience with Zero-Trust Network Access, Passwordless Authentication, and SIEM tools.
•Knowledge of Cloud Services such as AWS, Azure, Office365.
•Expert user of Microsoft suite (Outlook, Excel, PowerPoint & Word)
Additional Comments and Requirements
•Ability and willingness to operate in a fast-paced, complex corporate environment.
•Ability to be on call for cyber incidents impacting the organization.
•Travel may include approximately 5% of work time.
The position responsibilities outlined above are in no way to be construed as all-encompassing. Other duties, responsibilities, and qualifications may be required and/or assigned as necessary.
US-IL-Chicago | Hyatt Corporate Office, Chicago | Yearly | US Dollar (USD) | Professional Staff/Corporate | Full-time | Technology
Website : http://www.hyatt.com