Summary

At Hyatt Hotels, Cyber Security is a very important part of our mission to take care of people so they can be their best.  The Lead Engineer - Cyber Security will be a crucial contributor to Hyatt's mission, working to extend cyber security protections to our Franchise hotels and deploying the finest security technologies across our enterprise.  As the most senior individual contributor on the Cyber Security Engineering team, the Lead Engineer will supervise our deployment of Zero-Trust Network Access (ZTNA) technologies to our Franchise hotels and ensure our security technology deployments are appropriately managed and documented globally.  This highly technical role will have a high degree of visibility throughout the organization and will have a deeply meaningful impact on the safety and security of guest and colleague data.

Responsibilities

Responsibility for Hyatt's Zero Trust Network Access (ZTNA) program at Franchise, Owned, and Managed hotels.  Design and implement ZTNA profiles and policies globally to associate traffic patterns with people and follow modern network design patterns. 

Act as a technical liaison between Franchise owner/operator technology teams, the Cyber Security team, and the Franchise program office to reduce risk to guest and colleague information. 

Prepare and present updates for senior leadership on program maturity, conduct configuration reviews and work with Security Operations to ensure needed policy changes are rapidly implemented. 

Procure and implement industry-leading Endpoint Detection and Response (EDR) and Secure Web Gateway (SWG) technologies for our Franchise hotels, ensuring policies are documented and defined, and leaving no stone unturned in our quest to provide safety and security for guest and colleague information. 

Work with the Identity and Access Management team to deploy cutting-edge passwordless authentication technologies to our colleagues around the globe. 

Demonstrate a commitment to Hyatt core values.

The position responsibilities outlined above are in no way to be construed as all encompassing. Other duties, responsibilities, and qualifications may be required and/or assigned as necessary.

Qualifications

Experience

Minimum of ten years’ experience in Cyber Security Engineering or Network Engineering preferred; however, any combination of experience, education, and certification that demonstrates the candidate can be successful in the position is acceptable. 

Experience working with Zero Trust Network Access (ZTNA) software and concepts required. 

Experience with network security policy at Layer 3 required.

Experience with IPSEC tunnels required.

Experience working in an organization with a Franchise model preferred.

Familiarity with cutting-edge security technologies such as Passwordless Authentication, Endpoint Detection and Response, and Security Incident and Event Management (SIEM) preferred.

Experience working in a high-intensity threat actor environment preferred.

Experience preparing and presenting status updates for executive leadership preferred.

Experience producing engineering documentation required. 

Knowledge of information systems terminology, controls, and practices. 

Proactive self-starter with ability to work independently and as part of a larger team. 

Strong verbal and written communication and presentation skills. 

Ability to effectively interact with different areas and levels of the organization, including executive leadership. 

Education

A Bachelor’s degree or better in Cyber Security, Network Engineering, Security Engineering, Information Systems, or any other security-related subject is preferred; however any combination of education, experience, and certification that demonstrates the candidate can be successful in the position is acceptable.

Certificates, Licenses, Registrations

Any of the CISA, CISM, or CISSP certifications are preferred; however, any combination of certification, education, and experience that demonstrates the candidate can be successful in the position is acceptable.

Computer Skills Needed to Perform this Job

Expert user of Microsoft suite (Word, PowerPoint, Excel).

Experience with Zero-Trust Network Access tools such as Zscaler and Netskope preferred.

Experience with Endpoint Detection and Response tools such as CrowdStrike and Carbon Black preferred.

Experience with SIEM tools such as Splunk or ELK preferred. 

Additional Comments and Requirements

Ability and willingness to operate in a fast-paced, complex corporate environment.

Travel may include approximately 5% of work time.