Engineer, Incident Response

Hilton Worldwide Mclean , VA 22107

Posted 1 week ago

Job Summary

From smartphone capabilities like Digital Key to connected rooms that allow for integrated entertainment, temperature and lighting controls, Hilton's Global Technology team is responsible for creating the hospitality experience of the future for our guests, owners and Team Members. Through innovative technology development and deployment, this team ensures Hilton has the technology needed to support our continued global growth while remaining at the forefront of hospitality technology innovation.

As a critical team member for the Information Security Incident Response Team, you will drive our information security practices and processes, positioning the Team to become more nimble and capable of handling today's challenges. As the Engineer, Incident Response, you will own responses to security incidents across the enterprise, using department policies, guidelines, and industry standards to remediate cases and restore normal business operations. Balancing business priorities, emerging threats, and standard methodologies to ensure the confidentiality, integrity, and availability of the Company's information assets, you will actively identify risks and craft actionable strategies to safeguard against future incidents.

What will I be doing?

  • This role can be in located in the McLean, VA; Memphis, TN; Dallas, TX or Orlando, FL Offices; or Virtual/Work from Home, as needed.*

As an Engineer at Hilton, you will play a meaningful role in maintaining the controls that enable our organization to operate efficiently, cost effectively and within compliance standards. Engineers will also be charged with assisting others in interpreting, understanding, and applying information security policies and standards to mitigate information security risks. In this role, you will work closely with other members of the Information Security and Compliance organization in a coordinated and focused manner.

  • Improving Hilton's full life-cycle information security incident response program, from pre-incident preparation to final incident report

  • Providing mentorship and technical leadership to our Information Technology teams by referencing and implementing standard methodologies and approaches

  • Ensuring timely response and resolution to anomalous behaviors in a matrixed and outsourced environment

  • Collaborating with business partners, key personnel and internal groups to formulate technical response strategies to address information security incidents

  • Providing technical expertise for the detection and remediation of security incidents enterprise-wide

  • Performing root cause analyses of incidents

  • Assisting in identifying and removing new malware variants as needed; sending samples to the anti-virus companies

  • Correlating multiple data sources, fact gathering and analysis, determining the best remediation strategy, and implementing solutions until the incident is contained and resolved

  • Updating incident history real time and writing final incident reports

What are we looking for?

To fulfill this role successfully, you must possess the following minimum qualifications and experience:

  • BA/BS in Information Technology, Computer Science or Computer Engineering


  • Two (2) years Information Technology work experience

  • Four (4) years of information security incident response experience

  • Experience detecting and investigating anomalies, containing and remediating identified incidents, securely capturing malware samples and sending to anti-virus companies, writing incident reports for executive review

It would be advantageous in this position for you to demonstrate the following capabilities and distinctions:

  • Advanced degree

  • Knowledge of hotel-based IT systems and applications

  • Advanced certifications including CISSP, CISM, CEH, CWSP and GCWN

  • Experience with web application firewalls, firewalls, IPS, network topologies and protocols, web content filtering / proxies, load balancers, UNIX/LINUX, identity management, access management, Active Directory, DNS, password management, DLP, logging, SIEM, and security event correlation and analytics

What will it be like to work for Hilton?

Hilton is the leading global hospitality company, spanning the lodging sector from luxurious full-service hotels and resorts to extended-stay suites and mid-priced hotels. For nearly a century, Hilton has offered business and leisure travelers the finest in accommodations, service, amenities and value. Hilton is dedicated to continuing its tradition of providing exceptional guest experiences across its global brands. Our vision to fill the earth with the light and warmth of hospitality unites us as a team to create remarkable hospitality experiences around the world every day. And, our amazing Team Members are at the heart of it all!


See if you are a match!

See how well your resume matches up to this job - upload your resume now.

Find your dream job anywhere
with the LiveCareer app.
Download the
LiveCareer app and find
your dream job anywhere

Boost your job search productivity with our
free Chrome Extension!

lc_apply_tool GET EXTENSION

Similar Jobs

Want to see jobs matched to your resume? Upload One Now! Remove
Incident Response Cyber Threat Hunter Senior

Booz Allen Hamilton Inc.

Posted 1 week ago

VIEW JOBS 11/8/2018 12:00:00 AM 2019-02-06T00:00 Job Description Job Number: R0039522 Incident Response Cyber Threat Hunter, Senior The Challenge: Do you enjoy tactically thinking through Cybersecurity incidents and creating custom solutions for clients? Are you looking for an active role in detecting advanced Cyber threats? Bored with the wait and detect model of security? Instead of letting the attackers come to us, let's go find them! Cyber threats are evolving and perimeter security and automated protection aren't enough to fight some of the most advanced APTs—it's time to go threat hunting. We're looking for specialists who can think like a Cyber attacker and understands how Cyber criminals behave in companies. You'll use your network defense experience and analytical expertise to rapidly prototype and build hunts to sift through the false positives to find patterns and indicators. Guide a team of Cybersecurity experts to find the adversary in the blind spots of traditional security tools and advise on ways to close the gaps and harden infrastructure. As a technical leader, you'll identify new opportunities to build technical solutions to help your customers find the malicious actors and solve some of toughest challenges the industry has to offer. This is a chance to think differently about Cyber defense, step into a role that is innovate, use completely new tools and approaches, and develop the next generation of security analytics. Empower change with us. Build Your Career: Rewarding work, fun challenges, and a ton of investment in our people—that's Booz Allen cyber. When you join Booz Allen, we'll help you develop the career you want. Competitions — From programming competitions at our PyNights , Python competition and learning events) to competing in CTFs, we've got plenty of chances for you to show off your skills. Paid Research — Have an innovative idea to explore or hypothesis to test? You can participate in challenges via our crowdsourcing platform, the Garage, and other programs to be awarded dedicated time and/or funding to advance your skills. Cyber University — CyberU has more than 5000 instructor-led and self-paced cyber courses, a free online library that you can access from just about anywhere—including your phone—and certification exam prep guides that include practical assessments to prepare you for your exam. Academic Partnerships — In addition to our tuition reimbursement benefit, we've partnered with University of Maryland University College to offer two graduate certificate programs in cybersecurity—fully funded without a tuition cap. Maker/Hackerspaces — Race drones, print 3D gadgets, drink coffee from our Wi-Fi coffee maker, and get hands-on training on tools and tech from in-house experts in our dedicated maker and hackerspaces. You Have: * 4+ years of experience with Cybersecurity, SOC, CFC, Information Security, Security Engineering, an IT technical role, or Network Administration or its components * 1+ years of experience in a leadership role, leading or managing a team * Experience with operations management and creating incident reports, process flow, policy, and procedures * Knowledge of malware Cyber threats and methodologies and how to prevent them, anti-phishing and header analysis, malware analysis techniques and detonation, log analysis, and common free tools, including Virus Total, Who IS, IP, and port analysis and scanning * Knowledge of general security tools, including Antivirus, E-mail for Microsoft Office365, Exchange, and Gmail, Multi-factor Authentication, Intrusion Protection Systems (IPS) vs Intrusion Detection Systems (IDS), Web and E-mail Proxy, or Data Loss Prevention tools * Knowledge of how both Windows and Linux systems are compromised * Ability to remote into Servers, perform Java and Python scripting, MSQL, log analysis, pull logs for DHCP or windows logs, or any programming language * Ability to troubleshoot an active security event from detection to containment and speak to the actions needed * Ability to travel globally between 50-60% of the time * BA or BS degree Nice If You Have: * Experience with using industry leading tools for system data analytics and monitoring, including Tanium, Splunk, Endgame, QRadar, SIEM tools, and AV * Experience with working in a Fortune 500 security program preferred * Experience with performing Cyber forensics, malware analysis, Cyber hunt * Knowledge of Cybersecurity and overall IT architecture design and tools * Knowledge of risk management and NIST 800, HIPPA, PCI, ISO 2700 standards, including ITIL and MITR frameworks for security a plus * Knowledge of Cloud Security, Incident Response, and methodologies in Cloud infrastructure compromise * MA or MS degree in Cybersecurity, Information Security, Cyber Forensics, Cyber Engineering, CS, Computer Engineering, or a related Technical IT field * CISSP, CISM, EIH, Security+, GCFA, GNFA, GREM, or GCIH Certification We're an EOE that empowers our people—no matter their race, color, religion, sex, gender identity, sexual orientation, national origin, disability, or veteran status—to fearlessly drive change. CMCL Booz Allen Hamilton Inc. Mclean VA

Engineer, Incident Response

Hilton Worldwide