Senior Analyst - Cyber Security Compliance Operations

Hyatt Hotels Corp. Chicago , IL 60602

Posted 2 months ago

This is an exciting, fully remote opportunity to join the Cyber Security organization at Hyatt. The Senior Analyst - Cyber Security Compliance Operations role will report to the Manager, Cyber Security Compliance Operations, leading Hyatt's Third-Party Risk Management (TPRM) enterprise program from a cybersecurity perspective.As a member of the Cyber Security Compliance Operations team, you will implement and manage formalized processes for evaluating, selecting, monitoring and auditing our third-party vendors, while also working with business partners to support their specific needs and timelines.

Position Responsibilities / Essential Functions

  • Support Hyatt's global Third Party Risk Management (TPRM) Program, which includes developing, enhancing and maintaining the process through the use of automation tools including third-party/GRC platform.

  • Create and maintain governance documentation on our global TPRM program, which includes policies, standards, procedures, risk definitions and requirements.

  • Plan and conduct third-party vendor assessments focusing on compliance with regulations, company policies and internal controls. Communicate risks and track remediation plans.

  • Identify key program metrics to measure the effectiveness of the program including creation of reports and scorecards.

  • Communicate TPRM initiatives with various stakeholders across Hyatt.

  • Work with Legal and Procurement to integrate TRPM processes for vendor selection and contract negotiations. Conduct contract reviews to ensure cyber security provisions are in place.

  • Participate in Cyber Security Governance, Risk and Compliance processes to provide guidance on security risks and improve security posture.

  • Be the champion of change and process improvements by actively seeking opportunities to automate and improve processes throughout the organization.

  • Work with various business owners to understand the challenges they face and how to improve efficiency throughout their organization through automation and process improvements.

  • Demonstrate a commitment to Hyatt core values (included in all job descriptions).

  • The position responsibilities outlined above are in no way to be construed as all encompassing. Other duties, responsibilities, and qualifications may be required and/or assigned as necessary (included in all job descriptions).


  • Minimum of 3-5 years or a combination of work experience within Cyber Security domains such as Governance Risk, & Compliance and Third Party Risk Management.

  • Deep understanding and experience on organizational process improvements, working with Governance Risk and Compliance (GRC) platforms, and workflow automation platforms.

  • Experience in risk assessment that includes third party and security assessments.

  • Deep understanding of risk frameworks and risk methodologies including, NIST, CIS, COBIT and ISO.

  • Knowledge of SOC reports, ISO certifications, PCI report on compliance and any independent attestation reports that may include compliance and privacy regulations.

  • Experience with creating and implementing cybersecurity policies, standards, and procedures.

  • Knowledge of information systems terminology, controls, and practices.

  • Proactive self-starter with the ability to work independently and as part of a larger team.

  • Strong verbal and written communication and presentation skill.

  • Ability to effectively interact with different areas and level of the organization (especially leadership).


  • Bachelor's degree in Cyber Security, Information Systems, or related discipline.

Certificates, Licenses, Registrations

  • Certifications (Desirable): CISA, CISM, CISSP, Six Sigma, ITIL, PMP

Computer Skills Needed to Perform this Job

  • Expert user of Microsoft suite (Word, PowerPoint, Excel)
  • Experience with GRC and/or Workflow Automation Platforms (e.g. Archer, MetricStream, ZenGRC, LogicGate, etc.)

Additional Comments and Requirements

  • Ability and willingness to operate in a fast-paced, complex corporate environment

  • Travel may include approximately 5% of work time

icon no score

See how you match
to the job

Find your dream job anywhere
with the LiveCareer app.
Mobile App Icon
Download the
LiveCareer app and find
your dream job anywhere
App Store Icon Google Play Icon

Boost your job search productivity with our
free Chrome Extension!

lc_apply_tool GET EXTENSION

Similar Jobs

Want to see jobs matched to your resume? Upload One Now! Remove
Cyber Security Strategy And Business Analyst

Bank Of America Corporation

Posted 3 days ago

VIEW JOBS 7/2/2022 12:00:00 AM 2022-09-30T00:00 Job Description: Are you passionate about working with the best information security team in the world? Bank of America is hiring top talent to join our innovative and forward thinking team. What We Do: At Bank of America, we handle the finances of over 67 million client relationships every day, including helping them save, borrow, and invest for today and for their future. We stand by our clients each and every day giving them the power to realize their personal financial goals and help make their financial lives better. The Global Information Security organization is responsible for protecting bank information systems, confidential and proprietary data, and customer information. The team: * Develops the bank's Information security strategy and policy * Manages the Information security program and identifies and addresses vulnerabilities * Develops, deploys and manages a risk-based controls portfolio * Manages and operates a global security operations center that monitors, detects and responds to cybersecurity incidents What We're Looking For: We're looking for the next generation of Cyber security experts - those with a passion for growing a long-term career, building relationships and working with a team of innovative and forward thinking information security professionals. Our cyber team is meant for those looking to make a real impact and build a career in information security. The role is ideal for those who have a passion to work with industry leaders to protect our brand and the customer/client experience by proactively detecting, disrupting, and mitigating cyber security across the organization. What You'll Get: From day one, you'll receive training including hands-on practice, personalized coaching and dedicated support throughout your on-boarding experience. With demonstrated success, you'll have the opportunity to advance into many different roles with Global Information Security - with unlimited opportunity to grow throughout your career. You will be supported with dedicated programs, tools, and resources throughout your career journey. We'll help you: * Build a successful career at Bank of America through world-class training and on-boarding programs that set you up for success * Grow in your current role through one-on-one coaching from managers who are invested in your success and training programs that help you excel, build new skills or take on additional responsibility * Continuously learn and advance your career goals through intentional career paths to the next best role * Use resources and innovative technologies to optimize the client experience * Expand your business knowledge and network by partnering with experts in Global Information Security, Global Technology and other lines of business * Become an expert in what you do What you can look forward to: * Ongoing professional development to deepen your skills and optimize your expertise as the industry evolves and changes * Resources and dedicated support to help you reach your full potential throughout your career * A benefits program designed to meet the diverse needs of our employees at every stage of their life and help them plan for tomorrow * Progressive workplace practices and initiatives that promote inclusion We're a culture that: * Believes in responsible growth and has a proven dedication to supporting the communities we serve. * Provides continuous training and developmental opportunities to help people achieve their goals, whatever their background or experience. * Believes diversity makes us stronger, so we can reflect, connect to and meet the diverse needs of our clients and customers around the world. * Is committed to advancing our tools, technology, and ways of working. We always put our clients first to meet their evolving needs. Global Information Security (GIS) is responsible for protecting bank information systems, confidential and proprietary data, and customer information. GIS develops the bank's Information Security strategy and policy, manages the Information Security program, identifies and addresses vulnerabilities and operates a global security operations center that monitors, detects and responds to cybersecurity incidents. Role Description: The Business Analyst will be a member of the CSA COO organization, responsible for capturing and refining business and/or system requirements for projects within in the CSA organization. With a need to bridge business and technology, you'll interact with leadership within CSA to learn about challenges and opportunities and translate that insight into high-quality solutions. Key responsibilities include working with stakeholders to understand their needs, analyze problems, capture their requirements, and then working closely with external development teams to refine the requirements into specifications that can be executed by the team. Individuals in this role possess a foundational understanding of the business/technical domains. Responsibilities include: * Facilitate calls stakeholders to understand their needs, analyze problems, and capture their functional and technical requirements * Work closely with internal and external development teams to refine the requirements into specifications that can be executed by the team * Document requirements in a business requirements document format and seek sign-off from key stakeholders * Develop templates and requirements gathering processes the team can leverage to improve efficiencies * Ability to learn key functions and tools of the CSA organizations and leverage knowledge gained in stakeholder meetings * Partner with CST and CTI to refine business requirements into technical requirements used for development or deployment of infrastructure * Ability to work collaboratively in teams and develop meaningful relationships to achieve common goals * Ability to develop PowerPoint presentations for executive level meetings Required Skills * Highly organized and motivated self-starter who can deliver results with minimal direction * Ability to influence and work collaboratively across peers and multiple levels of management both within and outside of the organization * Creative and proactive problem solver - ability to understand tech enablement concepts to improve new and existing business processes * Ability to communicate clearly and effectively with both technology/development and business partners - ability to translate between these two constituencies * Ability to liaison between lines of business and development teams, translating strategic goals into technology solutions, and vice versa * Strong technical background with a proven track record of documenting functional and technical requirements Desired skills: * Experience defining requirements used to developing business cases for initiative funding * Experience developing PowerPoint presentations for executive level meetings * Experience presenting in executive level meetings Enterprise Job Description: Responsible for defined work or projects of moderate scope and complexity to identify and mitigate third party information security risks. Works under the guidance of a more senior-level manager with limited direction. Possesses extensive technical or functional knowledge in third party risk management, information security, business continuity, and governance. Interacts extensively with internal or external stakeholders including business partners and/or external parties to identify, analyze, and resolve complex problems or security gaps. Typically has 3-5 years of relevant experience. Shift: 1st shift (United States of America) Hours Per Week: 40 Bank Of America Corporation Chicago IL

Senior Analyst - Cyber Security Compliance Operations

Hyatt Hotels Corp.