Icon hamburger
Information Techn... in Shiloh,Tennessee
Apply to this job.
Think you're the perfect candidate?
Apply on company site

You’re being taken to an external site to apply.

Enter your email below to receive job recommendations for similar positions.

Senior Lead Cyber Security Analyst

Hilton Corporate Flexible Full-Time
Apply on company site

***This position can be located in Memphis, TN; Dallas, TX; Remote or McLean, VA Office*** 

From smartphone capabilities like Digital Key to connected rooms that allow for integrated entertainment, temperature and lighting controls, Hilton's Global Technology team is responsible for creating the hospitality experience of the future – for our guests, owners and Team Members. Through innovative technology development and deployment, this team ensures Hilton has the technology needed to support our continued global growth while remaining at the forefront of hospitality technology innovation.

What will I be doing?

As the Senior Lead Cyber Security Analyst, you will lead the security assessments across a variety of 3rd Party vendors, commercial off-the-shelf products (COTS), custom applications and platforms. You will work closely with both external vendors and product (application) team to help implement security solutions that are tailored to the specific risks facing the organization, including threat modeling and applications security consulting services. You will be a critical component to help manage the compliance of policies and standards as a function of an end-to-end SDLC project lifecycle. 

You will play a meaningful role in maintaining the controls that enable our organization to operate efficiently, cost effectively, and within compliance standards. You will also assist others in interpreting, understanding, and applying the information security policies and standards to mitigate information security risks. This position works closely with other members of the Information Security and Legal Compliance organizations, in a coordinated and focused manner.

More specifically, you will:
  • Conduct vendor and application security assessments and act as a security escalation point for project teams.
  • Author reports with detailed findings descriptions, and prioritized recommendations.
  • Support the evaluations of technologies and software products to determine the feasibility and desirability of incorporating their capabilities within the Hilton product suite.
  • Contribute to the ongoing collection, development, review, and adoption of architecture and development standards and best practices.
  • Actively participate in the governance process associated with application security and technology standards.
  • Communicate the results and recommendations for improvements effectively to junior and senior level staff.
  • Supervise contractors and consultants based on demand and project needs.

What are we looking for?

We are seeking problem solvers who are passionate about technology and who love the chance to learn and execute on any client requests. We believe success in this role will demonstrate itself through the following attributes and skills:
  • Knowledge of hotel-based IT systems and applications
  • Knowledge of two or more following technologies: Gitlab, Atlassian Stack, Node.js, React, Graphql and NOSQL databases such as Couchbase
  • Familiar with C++, J2EE, Java, C# and/or, .Net development
  • Experience reviewing vendor and application design, software framework, and infrastructure to identify issues. Capable of assessing underlying components (e.g., databases, servers), configuration, and security access controls
  • Experience with static code scan tools (e.g., Fortify, Checkmarx) and dynamic scanning tools (e.g., Rapid7, AppScan, Burp, Qualys)
  • Experience working with development methodologies (e.g., Waterfall, Agile, RUP)
  • Familiarity with industry standards, guidelines, and regulatory compliance requirements related to information security and cloud computing (e.g., GDPR, ISO 27001, Cloud Security Alliance, NIST 800-53, PCI DSS, SOC2)
  • Good social, verbal, and written communication skills to successfully interact with clients

To fulfill this role successfully, you must possess the following minimum qualifications and experience:

  • Five (5) years' experience in the Information Technology/Information Security industry, product development, and web development on J2EE platforms
  • Two (2) years professional experience with IT-related risk assessment activities
  • Prior experience in Management/ Project Management
  • Certified in cyber security certifications such as CISSP, CEH, GCIA, OSCP and OSCE
  • Experience with typical scripting and programming languages such as PowerShell, Python, VBA, JavaScript, C++ and SQL

It would be advantageous in this position for you to demonstrate the following capabilities and distinctions:

  • BA/BS Bachelor's Degree OR Associate's Degree plus 6+ years of IT related experience OR High School Diploma/GED plus 12+ years of IT related experience
  • Three (3) years of consulting experience (internal or external)
  • Two (2) years' experience working on product development and web development on J2EE platforms
  • One (1) year of experience working with AWS/Azure Cloud design and architecture such as SaaS, IaaS and/or PaaS
What will it be like to work for Hilton?

Hilton is the leading global hospitality company, spanning the lodging sector from luxurious full-service hotels and resorts to extended-stay suites and mid-priced hotels. For nearly a century, Hilton has offered business and leisure travelers the finest in accommodations, service, amenities and value. Hilton is dedicated to continuing its tradition of providing exceptional guest experiences across its global brands.  Our vision to fill the earth with the light and warmth of hospitality unites us as a team to create remarkable hospitality experiences around the world every day.  And, our amazing Team Members are at the heart of it all!

Skills required

Installations (Computer Systems)
Assure Integrity
Understand Vulnerability
Risk Assessments
Incident Response
Ensure Protection
Apply to this job.
Think you're the perfect candidate?
Apply on company site

Job ID: TEC0103P_13920_en


For your privacy and protection, when applying to a job online, never give your social security number to a prospective employer, provide credit card or bank account information, or perform any sort of monetary transaction. Learn more.

By applying to a job using CareerBuilder you are agreeing to comply with and be subject to the CareerBuilder Terms and Conditions for use of our website. To use our website, you must agree with the Terms and Conditions and both meet and comply with their provisions.