Description:

The Opportunity

Hyatt seeks an enthusiastic Senior Analyst, Cyber Security - Vulnerability Management to join our cyber security department. In this role, you will be collaborating closely with the broader technical teams, where you’ll be instrumental in continuing to make Hyatt a leading hospitality company. You will be part of a team passionate about diversity, equity, and inclusion, committed to nurturing curiosity and new skills and building connections across the organization with stakeholders, colleagues, and guests.

Who We Are

At Hyatt, we believe in the power of belonging and creating a culture of care, where our colleagues become family. Since 1957, our colleagues and guests have been at the heart of our business and helped Hyatt become one of the world's best and fastest-growing hospitality brands. Our transformative growth and the addition of new hotels, brands, and business lines can open the door for exciting career and growth opportunities for our colleagues.

As we continue to grow, we never lose sight of what’s most important: People. We turn trips into journeys, encounters into experiences, and jobs into careers.

Why Now?

This is an exciting time to be at Hyatt. We are growing rapidly and are looking for passionate changemakers to be a part of our journey. The hospitality industry is resilient and continues to offer dynamic opportunities for upward mobility, and Hyatt is no exception.

How We Care for Our People

Our purpose sets us apart—to care for people so they can be their best. Every business decision is made through the lens of our purpose, and it informs how we have and will continue to support each other as members of the Hyatt family. Our care for our colleagues is the key to our success. We’re proud to have earned a place on Fortune’s prestigious 100 Best Companies to Work For® list for the last ten years. This recognition is a testament to how our Hyatt family continues to come together to care for one another, our commitment to a culture of inclusivity, empathy, and respect, and making sure everyone feels like they belong.

We’re proud to offer exceptional corporate benefits which include:

•Annual allotment of free hotel stays at Hyatt hotels globally

•Flexible work schedules

•Work-life benefits including well-being initiatives such as a complimentary Headspace subscription, and a discount at the on-site fitness center

•A global family assistance policy with paid time off following the birth or adoption of a child as well as financial assistance for adoption

•Paid Time Off, Medical, Dental, Vision, 401K with company match

Our Commitment to Diversity, Equity, and Inclusion

Our success is underpinned by our diverse, equitable, and inclusive culture and we are committed to diversity across the board—from whom we hire and develop, the organizations we support, and whom we buy from and work with.

Being part of Hyatt means always having space to be you. Our global teams are a mosaic of cultures, ethnicities, genders, ages, abilities, and identities. We constantly strive to reflect the world we care for with teams that achieve and grow together. To learn more about our commitments to DE&I, please visit the Why Hyatt section of the Hyatt career page.

Who You Are

As our ideal candidate, you understand the power and purpose of our Culture of Care and embody our core values of Empathy, Inclusion, Integrity, Experimentation, Respect, and Well-being. You enjoy working with others, are results-driven, and seek various opportunities to develop personally and professionally.

The Role

At Hyatt Hotels, Cyber Security is a very important part of our mission to take care of people so they can be their best. The Senior Analyst, Cyber Security Vulnerability Management plays a critical role in safeguarding our organization’s assets by identifying, assessing, and mitigating potential vulnerabilities across our systems. This role requires an experienced professional with extensive experience in cybersecurity, a deep understanding of emerging threats, and a proactive approach to risk mitigation.

Key Responsibilities:

· Vulnerability Assessment

o Conduct scans of Hyatt’s IT infrastructure to detect and evaluate cyber security vulnerabilities. Evaluate potential false positives and tune the scanner as needed.

o Assess the criticality of findings, create remediation plans with applicable teams, and produce comprehensive reports for various levels of stakeholders (i.e., executive and technical).

o Participate in regular “red team” exercises, acting as a malicious attacker would to identify novel and unique vulnerabilities and ensure they are remediated.

o Assist with vulnerability assessments of new applications and act as an advisory resource to their developers to help ensure the creation of secure code.

· Remediation Planning

o Track all vulnerability remediation efforts and hold various teams across the organization and vendors accountable for timelines, initiate escalation, when appropriate.

o Assist with on-site reviews and audit requests of Hyatt properties to identify cybersecurity vulnerabilities and produce meaningful reporting for all findings.

· Security Tool Management

o Manage and optimize vulnerability scanning tools and related software.

· Incident Response

o Provide expertise during security incidents related to vulnerabilities.

o When zero-day exploits are identified, the ability to work urgently with stakeholders across the organization including Cyber Security Operations to assist with the mitigation process.

· Reporting and Documentation

o Generate reports on vulnerability assessment findings, trends, and status updates.

o Maintain accurate documentation of vulnerabilities, assessments, and remediation activities.

· Training and Awareness

o Continuously monitor various sources of information (i.e., threat intelligence feeds) for vulnerabilities and assess their impact on Hyatt’s environment.

Qualifications:

Experience Required:

•4 years of experience in cybersecurity, with a focus on vulnerability management.

•Strong knowledge of common vulnerabilities (e.g. OWASP Top 10) and attack vectors.

•Experience with vulnerability scanning tools (e.g., Rapid7, Qualys, Tenable), including configuration, reporting, scanning best practices, agent deployment, and asset management within the tool.

•Knowledge of security concepts and methodologies such as vulnerability assessments, application vulnerability testing, enterprise security strategies, network and cloud security architecture, and governance.

•Excellent verbal and written communication skills.

•Demonstrated attention to detail.

•Ability to work under pressure and handle multiple priorities simultaneously.

•Ability to travel up to 10%.

Experience Preferred:

•Bachelor’s degree in cybersecurity, information technology, or a related field.

•A CISSP, SSCP, Security , or related industry certification is preferred; however, any combination of certification, education, and experience that demonstrates the candidate can be successful in the position is acceptable.

•Knowledge of system administrative concepts for Unix, Linux, and/or Windows operating systems.

•Knowledge of security frameworks such as CIS, NIST, ISO, PCI, and IT Controls.

The position responsibilities outlined above are in no way to be construed as all-encompassing. Other duties, responsibilities, and qualifications may be required and/or assigned as necessary.

We welcome you:

Research shows that women, people of color, and other historically excluded groups, tend to apply to jobs, only if they meet all the listed job qualifications. Unsure if you check every box, but feeling inspired to enhance your career? Apply. We’d love to consider your unique experiences and how you could make Hyatt even better.

Primary Location: US-IL-Chicago

Organization: Hyatt Corporate Office, Chicago

Pay Basis: Yearly

Job Level: Full-time

Job: Technology

Req ID: CHI013819

Hyatt is an equal employment opportunity and affirmative action employer. We do not discriminate on the basis of race, color, gender, gender identity, sexual orientation, marital status, pregnancy, national origin, ancestry, age, religion, disability, veteran status, genetic information, citizenship status or any other group protected by law.