Analyst, Cyber Security Governance, Risk Management, And Compliance

Hyatt Chicago , IL 60602

Posted 1 week ago

At Hyatt Hotels, Cyber Security is a very important part of our mission to take care of people so they can be their best. The Analyst Cyber Security Governance, Risk Management, and Compliance (GRC) plays a crucial role in completing that mission every day by ensuring that Hyatt manages our known risks and complies with regulatory mandates. The Analyst ensures compliance with Cyber Security regulations that Hyatt must follow, tracks compliance to the enterprise Risk Management Framework, and works to remediate identified security vulnerabilities in a timely manner.

It is important that Hyatt maintain an effective cyber security compliance program and the Analyst plays the most important role in that function.

  • Work with properties to complete the yearly PCI attestation process and ensure all properties follow the established completion timelines.

  • Act as a point of contact for compliance questions from the field and other business units.

  • Track the remediation of identified cyber security risks and maintain Hyatt's cyber security risk register.

  • Monitor Hyatt's Cyber Security Data Loss Prevention tools for signs that confidential information is being improperly handled.

  • Work with an external vendor to continuously perform security awareness testing on Hyatt colleagues.

  • Demonstrate a commitment to Hyatt Core Values

The position responsibilities outlined above are in no way to be construed as all encompassing. Other duties, responsibilities, and qualifications may be required and/or assigned as necessary.

icon no score

See how you match
to the job

Find your dream job anywhere
with the LiveCareer app.
Mobile App Icon
Download the
LiveCareer app and find
your dream job anywhere
App Store Icon Google Play Icon

Boost your job search productivity with our
free Chrome Extension!

lc_apply_tool GET EXTENSION

Similar Jobs

Want to see jobs matched to your resume? Upload One Now! Remove
Senior Security Risk & Compliance Analyst Solution Technology


Posted 2 weeks ago

VIEW JOBS 3/5/2019 12:00:00 AM 2019-06-03T00:00 Qualifications * 2+ years of experience working in a dedicated security risk management capacity * 2+ years of experience in an enterprise setting, performing assessments, audits and/or compliance and privacy related work * Working knowledge of security frameworks such as NIST, ISO 27001/2, Cloud Security Alliance CCM, FedRamp. * Working knowledge of cyber/information security risk management practices * Ability to create information security management system (ISMS) processes and artifacts for tracking and scoring security risk * Effective written and verbal communication skills. * Familiarity with assessing risks associated with cloud environments * Familiarity with agile and devops practices * Working knowledge of security policy and process documentation * Ability to work independently and plan/structure work activities and deadlines. * Experience creating workflows and basic automation for security governance and compliance/audit-related tasks and activities * Preferred experience with Jira * Confluence/wiki pages * Experience with ticketing systems and workflow * GRC software experience preferred * Preferred certifications: CISA, CISM, CISSP Who You'll Work With You will work within our Information Security teams which is part of McKinsey's Solution Technology practice. This group fosters innovation driven by analytics, design thinking, mobile and social by developing new products/services and integrating them into our client work. It is helping to shift our model toward asset-based consulting and is a foundation for the firm's entrepreneurial culture. What You'll Do Working directly with the CISO and key stakeholders, you will create security risk management processes and documentation to support security risk and compliance processes. This will include drafting and maintaining risk register, creating policy and documentation, creating dashboards and reports, conducting security risk assessments and creating security communications and awareness materials. Additionally, you will help introduce automation and reshape our security management and controls approach to operate effectively in a cloud/devops environment. You will work to develop and improve on existing security management and compliance related processes, controls and documentation. Additionally, you will help establish processes and conduct activities that support the firm information security management system, identifying, documenting and defining controls to reduce cyber security related risks. You'll also have the opportunity to draft security policies and standards, create reports and other documentation in support of security risk management activities. McKinsey & Company is an equal opportunity employer. Mckinsey Chicago IL

Analyst, Cyber Security Governance, Risk Management, And Compliance