We are pleased that you are exploring Hyatt Hotels Corporation. We believe our customers select Hyatt because of our caring and attentive associates who work hard to provide efficient service and meaningful experiences. We care about our associates and our customers. This is the Hyatt Touch. Our commitment to Diversity is best evidenced by our focus on company-wide diversity initiatives. We continue to be recognized as one of America's best companies for minorities in rankings based on information about recruiting and employment practices. Associates of Hyatt are given the tools from the first day to make a difference. Hyatt offers comprehensive and competitive benefits for all associates. Hyatt associates work in an environment that demands exceptional performance, yet reaps great rewards - whether it's career opportunities, job enrichment or a supportive working environment. If you are ready for this challenge, then we are ready for you. Come meet the people with the Hyatt touch.

At Hyatt Hotels, Cyber Security is a very important part of our mission to take care of people so they can be their best. The Manager – Cyber Security Vulnerability Management plays a critical role in completing that mission every day by ensuring that Hyatt detects and remediates cyber security risks. As leader of a team of full-time security testers, the Team Lead will regularly evaluate the cyber security posture of Hyatt’s hotels and applications. Leading Hyatt’s Red Team, the Team Lead is responsible for identifying creative and innovative security measures that can help protect Hyatt’s information and for ensuring fixes are deployed. The Manager will also be responsible for maintaining Hyatt’s award-winning Bug Bounty program.

It is imperative that Hyatt detect and remediate cyber security vulnerabilities as quickly as possible, and the Team Lead will help to make our guests and colleagues safe every day.

Responsibilities

Conduct scans of Hyatt’s IT infrastructure to detect cyber security vulnerabilities and arrange fixes with the appropriate teams for identified issues.

Perform regular “red team” exercises, acting as a malicious attacker would to identify novel and unique vulnerabilities and ensure they are remediated.

Select and visit specific Hyatt hotels to identify cyber security vulnerabilities on-site and produce meaningful reporting for all findings.

Conduct vulnerability assessments of new applications and act as an advisory resource to their developers to help ensure the creation of secure code.

Provide analytical support to the Cyber Security Operations team during investigations of attacker activity to help them understand malware behaviors and attack methods.

Responsible for the maintenance and management of Hyatt’s public Bug Bounty Program.

Maintain Hyatt’s Vulnerability Scanning infrastructure in partnership with the Vulnerability Management team.

Demonstrate a commitment to Hyatt core values.

The position responsibilities outlined above are in no way to be construed as all encompassing. Other duties, responsibilities, and qualification may be required and/or assigned as necessary.

Experience

At least five years of experience with vulnerability assessment or penetration testing is preferred; however, any combination of experience, education, and certification that demonstrates the candidate can be successful in the position is acceptable.

Education

A Bachelor’s degree or better in Cyber Security, Computer Science, or any other security-related subject is preferred; however, any combination of education, experience, and certification that demonstrates the candidate can be successful in the position is acceptable.

Certificates, Licenses, Registrations

Familiarity with common security testing tools and tool sets such as Kali, Burp Suite, Metasploit, and Core Impact is required.

Expertise with vulnerability scanning tools like Nessus, Nexpose, and Rapid7 is required.

Understanding of attacker behaviors and skillsets is required.

Additional Comments and Requirements

Ability to travel worldwide for penetration testing and vulnerability assessment activities is required (up to 20% of total work hours).

Position is located on-site at Hyatt headquarte