Icon hamburger
What job do you want?
Apply to this job.
Think you're the perfect candidate?
Apply on company site

You’re being taken to an external site to apply.

Enter your email below to receive job recommendations for similar positions.

Sr. Lead, Cyber Assessor Penetration Tester

Hilton Corporate Flexible Full-Time
Apply on company site

***This position can be based in Memphis, TN; Dallas, TX; McLean, VA or Remote***

From smartphone capabilities like Digital Key to connected rooms that allow for integrated entertainment, temperature and lighting controls, Hilton's Global Technology team builds the hospitality experience of the future – for our guests, owners and Team Members. Through innovative technology development and deployment, this team ensures Hilton has the technology needed to support our continued global growth while remaining at the forefront of hospitality technology innovation.

What will I be doing?

As the Senior Lead Cyber Assessor Penetration Tester, you will be executing penetration, vulnerability, and security assessments across a variety COTS and custom applications and platforms. The scope of your work will include performing security penetration testing in various environments, simulating real-world cyber-attack scenarios against technologies related to hospitality and lodging, and conducting a security red team exercise. You will provide actionable recommendations and mentorship for clients based on your assessment findings.

More specifically, you will:
  • Perform security penetration testing in various environments, simulate real world cyber-attack scenarios against a plethora of technologies related to hospitality and lodging, as well as successfully conduct a security red team exercise.
  • Provide actionable recommendations and guidance for clients based on the assessment findings.
  • Learn and execute on any client requests and form positive partnerships with customer staff in structured and unstructured situations.
  • Present the results of penetration tests to client partners to include senior or executive leadership.
  • Use your solid grasp and deep understanding in Information Technology and security vulnerabilities to simulate threat modeling and attack scenarios.
  • Utilize your experience ranking vulnerabilities based on context and possible impact.

What are we looking for?

We are seeking problem solvers who are passionate about growing market share in a dynamic industry and who love to combine their analytical skills with business insight. We believe success in this role will demonstrate itself through the following attributes and skills:
  • Motivated Self-Starter with "Can do" attitude that takes initiative and has the ability to spin up quickly on technologies, challenging opportunities, topics, and advances in the cyber security field that require ongoing learning and self-training
  • Good interpersonal, verbal, and written communication skills to successfully accomplish client-facing interactions and presentations to positively influence Hilton's partners
  • Experience with multiple Information Security domains: Cyber Architecture, Endpoint Protection, Network Security, Infrastructure Security, Application Security, Database and Platform Security, Identity and Access Management, Policy and Governance, Cloud Security, RFID, BLE, Encryption, Penetration Testing, Vulnerability Scanning and Management, and Compliance and Risk Management
  • Deep understanding of the cyber threat landscape to include Advanced Persistent Threats, Cyber Crime, Hacktivism; specifically, the tactics, techniques and procedures they apply to a cyber-threat
  • Solid grasp of attack method types and their usage in targeted attacks such as phishing, malware implantation, perimeter vulnerabilities, application vulnerabilities, lateral movement, etc.
  • Previous experience with penetration testing processes, tools, and technologies and extensive knowledge of standard methodologies regarding their implementation
  • Deep understanding of global regulatory and legislative cyber security and privacy requirements like HIPAA, GDPR, SOX, PCI, etc.
  • Previous experience working with the Kill Chain, Diamond Model of Intrusion, and similar frameworks and concepts
  • Knowledge of industry research and standard methodologies in penetration testing and red teaming
  • Solid skills in various operating systems and enterprise platforms to include: Windows, Linux/Unix, Mac OS, iOS, Android, Active Directory, .Net framework, Oracle business products, SAP, etc.
  • Previous experience with tools such as Qualys, Rapid7, Checkmarx, Burp Suite, Black Duck and SD Elements
  • An aptitude for effectively addressing any issue in collaboration with others

To fulfill this role successfully, you must possess the following minimum qualifications and experience:

  • Five (5) years of professional experience in the Information Technology/Information Security industry
  • Two (2) years of professional experience IT-related penetration testing activities
  • Experience with execution of a variety of penetration testing assessments and vulnerability assessments to include network penetration testing, web application penetration testing, RF and RFID, Bluetooth, Zigbee, mobile device penetration testing, IoT testing as well as physical and social engineering exercises
  • Experience with typical scripting and programming languages – to include PowerShell, Python, VBA, JavaScript, C++, SQL, etc.
  • Experience developing vulnerability reports with detailed finding descriptions, test case reproduction steps, and prioritized recommendations
  • Cyber security certifications such as CISSP, CEH, GCIA, OSCP & OSCE
  • Ability to travel up to 25%

It would be advantageous in this position for you to demonstrate the following capabilities and distinctions:

  • BA/BS Bachelor's Degree
  • Consulting experience (internal or external)
  • Prior experience working on a security Red Team or other technical security assessment team
  • Prior experience leading a successful penetration testing program for a large organization
  • Prior experience conducting social engineering and client-side threats
  • Strong Kali Linux platform knowledge and skill working with standard penetration testing tools for discovery, vulnerability assessments, exploitation, post exploitation and social engineering
What will it be like to work for Hilton?

Hilton is the leading global hospitality company, spanning the lodging sector from luxurious full-service hotels and resorts to extended-stay suites and mid-priced hotels. For nearly a century, Hilton has offered business and leisure travelers the finest in accommodations, service, amenities and value. Hilton is dedicated to continuing its tradition of providing exceptional guest experiences across its global brands.  Our vision to fill the earth with the light and warmth of hospitality unites us as a team to create remarkable hospitality experiences around the world every day.  And, our amazing Team Members are at the heart of it all!

Recommended skills

Penetration Testing
Application Security
Information Security
Vulnerability Scanning
Apply to this job.
Think you're the perfect candidate?
Apply on company site

Help us improve CareerBuilder by providing feedback about this job: Report this job

Report this Job

Once a job has been reported, we will investigate it further. If you require a response, submit your question or concern to our Trust and Site Security Team

Job ID: TEC0102W_15860_en


For your privacy and protection, when applying to a job online, never give your social security number to a prospective employer, provide credit card or bank account information, or perform any sort of monetary transaction. Learn more.

By applying to a job using CareerBuilder you are agreeing to comply with and be subject to the CareerBuilder Terms and Conditions for use of our website. To use our website, you must agree with the Terms and Conditions and both meet and comply with their provisions.

For nearly a century, Hilton has offered business and leisure travelers the finest in accommodations, service, amenities and value.

We know that great guest experiences begin with Team Members who feel appreciated, valued and respected. That's what you can expect at Hilton, where we have created a culture of excellence, continuous improvement, and innovation.

View the full profile