***The location for this position is virtual/remote***
This is your chance to be a part of an in-house Technology team that’s creating cutting-edge technologies revolutionizing the hospitality industry around the world! As an Incident Response Analyst (internal title: Lead Cyber Security Analyst), you will bring your technical skills to a hospitality company with an award-winning culture. On the Cyber Incident Response team, reporting to the Senior Director of Cyber Security, you will support projects including responding to information security incidents across the global enterprise, using the information security policies, standards, guidelines, and industry best practices to remediate the incident and restore normal business operations.
HOW WE WILL SUPPORT YOU
Hilton is proud to support the mental and physical wellbeing of all Team Members so they can Thrive personally and professionally in a diverse and inclusive environment, thanks to programs and benefits such as:
- Go Hilton travel program: 100 nights of discounted travel with room rates as low as $40/night
- Hilton Shares: Our employee stock purchase program (ESPP) – you can purchase Hilton shares at a 15 percent discount
- Paid parental leave for eligible Team Members, including partners and adoptive parents
- Mental health resources including free counseling through our Employee Assistance Program
- Paid Time Off (PTO)
- Learn more about the rest of our benefits
At Hilton, we believe every Team Member is a leader. Our company is committed to offering leadership development opportunities through every step of a Team Member’s career journey and at every level, both in our hotels and across corporate. Hilton’s leadership development framework focuses on developing skills and business insight through a range of programs and approaches to meet varying learning needs and preferences.
**Available benefits may vary depending upon terms and conditions of employment and are subject to the terms and conditions of the plans.
HOW YOU WILL MAKE AN IMPACT
Your role is important and below are some of the fundamental job duties that make your work unique.
What your day-to-day will be like:
- Ensure timely response and resolution to anomalous activity, hacking, and security incidents/threats in a matrixed and outsourced environment.
- Perform root-cause analysis of incidents, including correlating multiple data sources, analyzing the facts, determining the best remediation strategy, and remediating until the incident is contained and resolved.
- Maintain information security controls so Hilton can operate efficiently, effectively, and in compliance.
- Perform forensic investigations on live, dead, and virtualized systems in the office, data center, and cloud environments.
How you will collaborate with others:
- Provide guidance and technical leadership in information security incidents to Information Technology teams by referencing and enforcing standard methodologies.
- Collaborate with business partners, key collaborators, and internal groups to formulate technical response strategies to address information security incidents.
What projects you will take ownership of:
- Enhance Hilton’s information security incident response program, including the life cycle of an information security incident from pre-incident preparation to the final incident report.
- Provide technical guidance for the detection and remediation strategies of information security incidents across the enterprise.
WHY YOU’LL BE A GREAT FIT
You have these minimum qualifications:
- Five (5) years of professional experience in Technology or a related field
- Three (3) years of work experience in Cyber Incident Response
- Solid grasp of network fundamentals, including ports, services, IP ranges, etc.
- In-depth operating system experience with supported versions of Windows (including 10, 11 workstation; 2012, 2016, 2019, 2022 server), and Linux (including RedHat, CentOS, and Debian)
- Experience with Splunk or equivalent SIEM and log analysis tools for OS, firewall, IPS/IDS, web content filters, and applications (Mail, Web, Database, etc.)
- Malware analysis and reverse engineering experience, including malware remediation
It would be useful if you have:
- BA/BS in Information Technology, Computer Science, Computer Engineering, or equivalent work experience
- Three to five (3-5) years of specialized experience including detecting and investigating anomalies, containing and remediating identified incidents, securely gathering malware samples and sending to anti-virus companies, writing up information security incident reports for executive review, and performing computer forensic investigations and investigation report writing
- Live system memory analysis (including Volatility, Redline, etc.)
- Scripting (including PowerShell, WScript, Python, etc.)
- In-depth application experience in investigating Apache, IIS, SQL, Oracle, WebLogic, Tomcat, etc.
- Experience with Unix (AIX)