Engineer, Incident Response

Hilton Worldwide Mclean , VA 22107

Posted 2 months ago

Job Summary

From smartphone capabilities like Digital Key to connected rooms that allow for integrated entertainment, temperature and lighting controls, Hilton's Global Technology team is responsible for creating the hospitality experience of the future for our guests, owners and Team Members. Through innovative technology development and deployment, this team ensures Hilton has the technology needed to support our continued global growth while remaining at the forefront of hospitality technology innovation.

As a critical team member for the Information Security Incident Response Team, you will drive our information security practices and processes, positioning the Team to become more nimble and capable of handling today's challenges. As the Engineer, Incident Response, you will own responses to security incidents across the enterprise, using department policies, guidelines, and industry standards to remediate cases and restore normal business operations. Balancing business priorities, emerging threats, and standard methodologies to ensure the confidentiality, integrity, and availability of the Company's information assets, you will actively identify risks and craft actionable strategies to safeguard against future incidents.

What will I be doing?

  • This role can be in located in the McLean, VA; Memphis, TN; Dallas, TX or Orlando, FL Offices; or Virtual/Work from Home, as needed.*

As an Engineer at Hilton, you will play a meaningful role in maintaining the controls that enable our organization to operate efficiently, cost effectively and within compliance standards. Engineers will also be charged with assisting others in interpreting, understanding, and applying information security policies and standards to mitigate information security risks. In this role, you will work closely with other members of the Information Security and Compliance organization in a coordinated and focused manner.

  • Improving Hilton's full life-cycle information security incident response program, from pre-incident preparation to final incident report

  • Providing mentorship and technical leadership to our Information Technology teams by referencing and implementing standard methodologies and approaches

  • Ensuring timely response and resolution to anomalous behaviors in a matrixed and outsourced environment

  • Collaborating with business partners, key personnel and internal groups to formulate technical response strategies to address information security incidents

  • Providing technical expertise for the detection and remediation of security incidents enterprise-wide

  • Performing root cause analyses of incidents

  • Assisting in identifying and removing new malware variants as needed; sending samples to the anti-virus companies

  • Correlating multiple data sources, fact gathering and analysis, determining the best remediation strategy, and implementing solutions until the incident is contained and resolved

  • Updating incident history real time and writing final incident reports

What are we looking for?

To fulfill this role successfully, you must possess the following minimum qualifications and experience:

  • BA/BS in Information Technology, Computer Science or Computer Engineering

OR

  • Two (2) years Information Technology work experience

  • Four (4) years of information security incident response experience

  • Experience detecting and investigating anomalies, containing and remediating identified incidents, securely capturing malware samples and sending to anti-virus companies, writing incident reports for executive review

It would be advantageous in this position for you to demonstrate the following capabilities and distinctions:

  • Advanced degree

  • Knowledge of hotel-based IT systems and applications

  • Advanced certifications including CISSP, CISM, CEH, CWSP and GCWN

  • Experience with web application firewalls, firewalls, IPS, network topologies and protocols, web content filtering / proxies, load balancers, UNIX/LINUX, identity management, access management, Active Directory, DNS, password management, DLP, logging, SIEM, and security event correlation and analytics

What will it be like to work for Hilton?

Hilton is the leading global hospitality company, spanning the lodging sector from luxurious full-service hotels and resorts to extended-stay suites and mid-priced hotels. For nearly a century, Hilton has offered business and leisure travelers the finest in accommodations, service, amenities and value. Hilton is dedicated to continuing its tradition of providing exceptional guest experiences across its global brands. Our vision to fill the earth with the light and warmth of hospitality unites us as a team to create remarkable hospitality experiences around the world every day. And, our amazing Team Members are at the heart of it all!

EOE/AA/Disabled/Veterans


upload resume icon
See if you are a match!

See how well your resume matches up to this job - upload your resume now.

Find your dream job anywhere
with the LiveCareer app.
Mobile App Icon
Download the
LiveCareer app and find
your dream job anywhere
App Store Icon Google Play Icon
lc_ad

Boost your job search productivity with our
free Chrome Extension!

lc_apply_tool GET EXTENSION

Similar Jobs

Want to see jobs matched to your resume? Upload One Now! Remove
Cybersecurity Incident Response Director

Pwc

Posted 6 days ago

VIEW JOBS 1/15/2019 12:00:00 AM 2019-04-15T00:00 A career in our Incident and Crisis Management practice, within Cybersecurity and Privacy services, will provide you with the opportunity to help our clients implement an effective cybersecurity programme that protects against threats, propels transformation, and drives growth. As companies pivot toward a digital business model, exponentially more data is generated and shared among organisations, partners and customers. You'll play an integral role in helping our clients ensure they are protected by developing transformation strategies focused on security, efficiently integrate and manage new or existing technology systems to deliver continuous operational improvements and increase their cybersecurity investment, and detect, respond, and remediate threats.Our team helps organisations manage their controls over access to critical systems and assets during a crisis or an active cyber threat. As part of the team, you'll help us develop controls to stay ahead of a crisis, but also help us maintain security and information risk by responding and remediating any current or future cyber threats. Responsibilities As a Director, you'll work as part of a team of problem solvers with extensive consulting and industry experience, helping our clients solve their complex business issues from strategy to execution. Specific responsibilities include but are not limited to: * Proactively lead the practise by setting strategy, drive the development of new business in the market, and provide technical advice across disciplines * Building strong networks within the firm to spot and capitalise on opportunities to get involved in projects that others are leading across a number of different business units and sectors * Identifying and discussing key issues with our clients to identify potential opportunities * Responsibility for a majority of day to day client communications * Responsibility to shape and deliver various projects that exceed the expectations of our clients and our own assignment quality criteria * Manage and deliver large projects by developing the project team, assessing engagement risks throughout, driving conclusions, and reviewing / challenging the output produced by the team * Responsibility for management of engagement financials * Helping to grow and develop our team through hands on training and coaching Job Requirements and Preferences: Basic Qualifications: Minimum Degree Required: Bachelor Degree Required Fields of Study: Computer and Information Science, Computer Applications, Management Information Systems, Computer Engineering, Forensic Science Minimum Years of Experience: 10 year(s) Preferred Qualifications: Degree Preferred: Master Degree Certification(s) Preferred: Any of the following: GIAC including GCFA, GCFE, GREM, GNFA, GCCC, and/or GCIA. Preferred Knowledge/Skills: Demonstrates thought leader-level knowledge with, and/or a proven record of success directing efforts in the following areas: - Apply incident handling processes-including preparation, identification, containment, eradication, and recovery-to protect enterprise environments; - Analyze the structure of common attack techniques in order to evaluate an attacker's spread through a system and network, anticipating and thwarting further attacker activity; - Utilize tools and evidence to determine the kind of malware used in an attack, including rootkits, backdoors, and Trojan horses, choosing appropriate defenses and response tactics for each; - Analyze a security architecture for deficiencies; - Derive Indicators of Compromise (IOCs) from malicious executables to strengthen incident response and threat intelligence efforts; - Conduct in-depth forensic analysis of Windows operating systems and media exploitation focusing on Windows 7, Windows 8/8.1, Windows 10, and Windows Server 2008/2012/2016; - Conduct in-depth forensic analysis of *Nix operating systems and media exploitation focusing on CentOS, RHEL, Solaris, AIX, HPUX, and Ubuntu/Debian; - Identify artifact and evidence locations to answer critical questions, including application execution, file access, data theft, external device usage, cloud services, anti-forensics, and detailed system usage; - Hunt and respond to advanced adversaries such as nation-state actors, organized crime, and hacktivists; - Examine traffic using common network protocols to identify patterns of activity or specific actions that warrant further investigation; - Detect and hunt unknown live, dormant, and custom malware in memory across multiple Windows systems in an enterprise environment; - Identify and track malware beaconing outbound to its command and control (C2) channel via memory forensics, registry analysis, and network connections; - Target advanced adversary anti-forensics techniques like hidden and time-stomped malware, along with utility-ware used to move in the network and maintain an attacker's presence; and, - Use memory analysis, incident response, and threat hunting tools to detect hidden processes, malware, attacker command lines, rootkits, network connections, and more. Demonstrates thought leader-level abilities with, and/or a proven record of success directing efforts in the following areas: - Utilize Network Analysis, Memory Analysis, Endpoint Analysis, Cyber Incident Lifecycle, NIST 800-61; - Identify and address client needs by building solid relationships with clients, developing an awareness of firm services, communicating with the client in an organized and knowledgeable manner, delivering clear requests for information, demonstrating flexibility in prioritizing and completing tasks, and communicating potential conflicts; - Direct the identification and addressing of client needs by building, maintaining, and utilizing networks of client relationships and community involvement, communicating value propositions, managing resource requirements, project workflow, budgets, margins, billing and collection; - Lead and supervise teams to create an atmosphere of trust and seek diverse views to encourage improvement and innovation, answer questions and provide direction to less-experienced staff, coach staff including providing timely meaningful written and verbal feedback; and, - Provide opportunities to contribute to practice development through the development of new collateral and thought leadership pieces, as well as participation in sales and driving revenue. All qualified applicants will receive consideration for employment at PwC without regard to race; creed; color; religion; national origin; sex; age; disability; sexual orientation; gender identity or expression; genetic predisposition or carrier status; veteran, marital, or citizenship status; or any other status protected by law. PwC is proud to be an affirmative action and equal opportunity employer. For positions based in San Francisco, consideration of qualified candidates with arrest and conviction records will be in a manner consistent with the San Francisco Fair Chance Ordinance. Pwc Mclean VA

Engineer, Incident Response

Hilton Worldwide