We are pleased that you are exploring Hyatt Hotels Corporation. We believe our customers select Hyatt because of our caring and attentive associates who work hard to provide efficient service and meaningful experiences. We care about our associates and our customers. This is the Hyatt Touch. Our commitment to Diversity is best evidenced by our focus on company-wide diversity initiatives. We continue to be recognized as one of America's best companies for minorities in rankings based on information about recruiting and employment practices. Associates of Hyatt are given the tools from the first day to make a difference. Hyatt offers comprehensive and competitive benefits for all associates. Hyatt associates work in an environment that demands exceptional performance, yet reaps great rewards - whether it's career opportunities, job enrichment or a supportive working environment. If you are ready for this challenge, then we are ready for you. Come meet the people with the Hyatt touch.
At Hyatt Hotels, Cyber Security is a very important part of our mission to take care of people so they can be their best. The Lead Analyst - Cyber Security Operations will be a crucial contributor to Hyatt's mission, working to extend cyber security protections to our Franchise hotels and managing the vast amounts of security log data Hyatt collects globally. As the most senior individual contributor on the Cyber Security Operations team, the Lead Analyst will supervise Franchise Managed Security Service Provider (MSSP) detections and engagement, and will be responsible for managing Hyatt's own Security Incident and Event Monitoring (SIEM) infrastructure. This highly technical role will have a high degree of visibility throughout the organization and will have a deeply meaningful impact on the safety and security of guest and colleague data.
Supervise Hyatt's technical relationship with third-party Managed Security Service Providers (MSSP) that provide security services to our portfolio of Franchise hotels, ensuring the MSSP appropriately detects and responds to security events affecting Franchise hotels according to established SLAs.
Responsible for data management of Hyatt's Security Incident and Event Monitoring (SIEM) platform. Manage existing ingestions and create new log ingestions on demand, tune alerts and correlation searches, and update field parsing as required.
Perform proactive threat hunting searches looking for signs of intrusion in both the Hyatt and Hyatt Franchise environments.
Act as senior-most resource for both the in-house Security Operations team and for third-party MSSP services. Develop intimate knowledge of the computing environment and use that knowledge to differentiate legitimate from illegitimate behaviors.
Prepare and present updates for senior leadership on threat detection program performance and review past incident response performance with Security Operations team to identify potential program improvements.
Demonstrate a commitment to Hyatt core values.
The position responsibilities outlined above are in no way to be construed as all encompassing. Other duties, responsibilities, and qualifications may be required and/or assigned as necessary.
Experience
Minimum of ten years' experience in the Cyber Security Engineering, Operations, or Incident Response preferred; however, any combination of experience, education, and certification that demonstrates the candidate can be successful in the position is acceptable.
Experience working with Security Incident and Event Monitoring (SIEM) software required.
Experience working with a third-party Managed Security Service Provider (MSSP) required
Experience working in an organization with a Franchise model preferred
Familiarity with cutting-edge security technologies such as Zero-Trust Network Access, Passwordless Authentication, Endpoint Detection and Response, and Security Incident and Event Management required.
Experience working in a high-intensity threat actor environment preferred.
Experience preparing and presenting status updates for executive leadership preferred.
Experience reviewing and updating Cyber Security Incident Response documentation required.
Knowledge of information systems terminology, controls, and practices.
Proactive self-starter with ability to work independently and as part of a larger team.
Strong verbal and written communication and presentation skills.
Ability to effectively interact with different areas and level of the organization, including executive leadership.
Education
A Bachelor's degree or better in Cyber Security, Information Systems, or any other security-related subject is preferred; however, any combination of education, experience, and certification that demonstrates the candidate can be successful in the position is acceptable.
Certificates, Licenses, Registrations
Any of the CISA, CISM, or CISSP certifications are preferred; however, any combination of certification, education, and experience that demonstrates the candidate can be successful in the position is acceptable.
Computer Skills Needed to Perform this Job• Expert user of Microsoft suite (Word, PowerPoint, Excel)• Experience with Zero-Trust Network Access, Passwordless Authentication, and SIEM tools
Additional Comments and Requirements• Ability and willingness to operate in a fast-paced, complex corporate environment.• Travel may include approximately 5% of work time.