Senior Analyst - Cyber Security Operations

The Opportunity

At Hyatt Hotels, Cyber Security is an essential component of our mission to care for people so they can be their best. The Senior Analyst - Cyber Security Operations plays a crucial role in completing that mission every day by ensuring the global security of our guests, colleagues, and hotels.

In this role, you will be collaborating closely with the broader Cyber Security team, where you'll be instrumental in continuing to make Hyatt a leading hospitality company. You will be part of a team that is passionate about diversity, equity and inclusion, committed to nurturing curiosity and new skills, and building connections across the organization with stakeholders, colleagues and guests.

Who We Are

At Hyatt, we believe in the power of belonging and creating a culture of care, where our colleagues become family. Since 1957, our colleagues and our guests have been at the heart of our business and helped Hyatt become one of the best, and fastest growing hospitality brands in the world. Our transformative growth and the addition of new hotels, brands and business lines can open the door for exciting career and growth opportunities to our colleagues.

As we continue to grow, we never lose sight of what's most important: People. We turn trips into journeys, encounters into experiences and jobs into careers.

Why Now?

This is an exciting time to be at Hyatt. We are growing rapidly and are looking for passionate changemakers to be a part of our journey. The hospitality industry is resilient and continues to offer dynamic opportunities for upward mobility, and Hyatt is no exception.

How We Care for Our People

What sets us apart is our purpose-to care for people so they can be their best. Every business decision is made through the lens of our purpose, and it informs how we have and will continue to support each other as members of the Hyatt family. Our care for our colleagues is the key to our success. We're proud to have earned a place on Fortune's prestigious 100 Best Companies to Work For list for the last ten years. This recognition is a testament to the tremendous way our Hyatt family continues to come together to care for one another, our commitment to a culture of inclusivity, empathy and respect, and making sure everyone feels like they belong.

We're proud to offer exceptional corporate benefits which include:

• Annual allotment of free hotel stays at Hyatt hotels globally

• Flexible work schedules

• Work-life benefits including wellbeing initiatives such as a complimentary Headspace subscription, and a discount at the on-site fitness center

• A global family assistance policy with paid time off following the birth or adoption of a child as well as financial assistance for adoption

• Paid Time Off, Medical, Dental, Vision, 401K with company match

Our Commitment to Diversity, Equity, and Inclusion

Our success is underpinned by our diverse, equitable and inclusive culture and we are committed to diversity across the board-from who we hire and develop, organizations we support, and who we buy from and work with.

Being part of Hyatt means always having space to be you. Our global teams are a mosaic of cultures, ethnicities, genders, ages, abilities and identities. We constantly strive to reflect the world we care for with teams that achieve and grow together. To learn more about our commitments to DE&I, please visit the Why Hyatt section of the Hyatt career page.

Who You Are

As our ideal candidate, you understand the power and purpose of our culture of care, and embody our core values of Empathy, Inclusion, Integrity, Experimentation, Respect and Wellbeing. You enjoy working with others, are results driven and are looking for a variety of opportunities to develop personally and professionally.

The Role

As the most senior and experienced analyst on the Cyber Security Operation (CSO) team, the Senior Analyst takes charge of optimizing Hyatt's security monitoring infrastructure, develops new and novel methods of detecting cyber security incidents, responds to positive detections as the lead incident responder, and hunts for threat actors in the environment proactively.

Your day-to-day responsibilities will include triaging and investigating security alerts, proactive threat hunting, responding to incidents, building detections, and documenting procedures and playbooks.

Successful candidates typically have 3-5 years of information security experience with solid focus on Security Operations and Incident Response as well as technical certifications to reinforce their practical experience.

Responsibilities:

• Respond to Cyber Security incidents as they are detected, ensuring that attackers are evicted, and Hyatt brought out of impact quickly and artfully.

• Create and refine Splunk security dashboards and alerts to clearly identify scope of findings or monitor activity.

• Provide expertise and guidance to the CSO team and wider Cyber Security department, imparting knowledge that improves overall security posture.

• Work with development and operations teams to ensure all security relevant system logs are stored appropriately into Hyatt's SIEM.

• Continuously tune existing log sources and security controls to better detect attackers.

• Use innovative and lateral thinking to "hunt" inside the environment, looking for signs of attacker behavior proactively instead of responding to known incidents.

• Demonstrate a commitment to Hyatt core values.

• Develop intimate knowledge of the computing environment and use that knowledge to differentiate legitimate from illegitimate behaviors.

• Partner with the Cyber Security Engineering team and other stakeholders to optimize control effectiveness and workflows.

• Serve as a key cyber security SME; advise leaders across the organization on actions to take during security events and potential or active threats to the company's security posture, as well as our third parties, key partners, and acquired entities.

• Ensure that SOC team fulfills various compliance requirements related to Data Privacy, PCI-DSS monitoring, and SEC reporting.

• Mentor, coach, and develop talent within the team.

• Demonstrate a commitment to Hyatt core values.

• Maintain rotational on-call availability to support SOC team for escalations that occur outside business hours.

• Must be willing to work off-shift hours, as needed, during incidents. Must also be available for on-call rotation.

Qualifications

Experience Required:

• Minimum of five years' experience in Information Technology and a bachelor's degree; however, any combination of experience, education, and certification that demonstrates the candidate can be successful in the position is acceptable.

• Three years' experience in a Cyber Security Operations Center (SOC) or Incident Response team.

• Proficient in Endpoint Detection & Response tools, preferably CrowdStrike.

• Proficient in Splunk, analyzing the data for anomalies and trends, and building alerts, and dashboards highlighting the key trends of the data.

• Proficient in Windows OS, including Registry, Group/Local Policy, Active Directory, and Windows Event logs.

• Knowledgeable in the life cycle of cyber security threats, attacks, and exploitation methods.

• Experience reviewing and updating Cyber Security Incident Response documentation.

• Knowledge of information systems terminology, controls, and practices.

• Understanding of various compliance and standards requirements across multiple countries and divisions.

• Proactive self-starter with ability to work independently and as part of a larger team.

• Experience preparing and presenting status updates for leadership.

• Strong verbal and written communication and presentation skills.

• Ability to handle time-sensitive situations with a calm and serious attitude while maintaining an appropriate sense of urgency.

• Excellent interpersonal skills and ability to create collaborative relationships with colleagues across various groups and levels, and influence without authority.

• Experience with ServiceNow or similar ticketing platform with the ability to create reports, identify trends, and manage a ticket queue.

• Ability and willingness to operate in a fast-paced and complex corporate environment.

• Ability to travel which may include approximately 10% of work time.

Experience Preferred:

• Experience working in a high-intensity threat actor environment preferred.

• CISSP, GCIH (or any of the equivalent GIAC), ISC2, or ISACA certifications.

• Splunk Core Certified Power User or higher certification.

• Extensive understanding of network security and protocol analysis.

• Experience with system administration on Cisco, Windows, Linux, and macOS devices.

• Familiarity with threat hunting and adversary tactics and techniques (i.e., MITRE ATT&CK).

• Familiarity with Cloud Services such as AWS, Azure, Office 365, and Microsoft Entra ID.

• Expert user of Microsoft suite (Outlook, Excel, PowerPoint, and Word).

The position responsibilities outlined above are in no way to be construed as all encompassing. Other duties, responsibilities, and qualifications may be required and/or assigned as necessary.

We welcome you:

Research shows that women, people of color and other historically excluded groups, tend to apply to jobs, only if they meet all of the listed job qualifications. Unsure if you check every box, but feeling inspired to enhance your career? Apply. We'd love to consider your unique experiences and how you could make Hyatt even better.