Lead Security Analyst - Commercial Solutions

Hilton Worldwide   •  

Dallas, TX

Industry: Hospitality & Recreation

  •  

Less than 5 years

Posted 39 days ago

Lead Security Analyst – Commercial Solutions

From smartphone capabilities like Digital Key to connected rooms that allow for integrated entertainment, temperature, and lighting controls, Hilton's Global Technology team is responsible for creating the hospitality experience of the future – for our guests, owners, and Team Members. Through innovative technology development and deployment, this team ensures Hilton has the technology needed to support our continued global growth while remaining at the forefront of hospitality technology innovation.


What will I be doing?

Commercial technology solutions (a.k.a. Commercial Off-The-Shelf – COTS) from third-party vendors support numerous corporate, call center, and hotel technology functions. As the Lead Security Analyst – Commercial Solutions, you will be a technical contributor on Hilton's Information Security, responsible for integrating sound cybersecurityprocesses and controls for COTS solutions that handle sensitive data, may impact guest/employee life and safety, and deliver positive guest stay experiences.

You will be dedicated and committed to supporting the development, maintenance, and management of processes that provide for initial and ongoing secure implementation of commercial solutions. This includes consistent and repeatable solution security controls.

More specifically, you will:

  • Perform timely reviews and assessments of the commercial solution architecture and support service delivery processes that help ensure cyberrisks are not introduced due to limitations in technology management, maintenance, and supportprocesses.
  • Integrate commercial solutions into the enterprise technology management and security process (e.g., threat management, logging, patch delivery).
  • Execute the annual Payment Card Industry (PCI) commercial solutions assessments, as well as other compliance driven requirements (e.g., privacy impact analyses).

This is a new position at Hilton and will report to a new technical leader that will craft the future approach and direction for the role.



What are we looking for?

The success in this role will demonstrate itself through the following attributes and skills:

  • Experience developing an understanding of how a solution functions through the review of user documentation and inquiries with the vendor
  • Applied knowledge of base cybersecurity practices at all layers of the technology stack in the design and/or assessment of commercial solutions:
    • Network Layer: un-trusted network access controls, application firewall rules and vendor remote access
    • Platform: AD, Domain Join, service accounts, COTS solution, platform agent interoperability and patching
    • Devices/IoT: communication requirements and centralized device management
    • Data and Database: Data types stored, processed, transmitted, database accounts and access controls, and secure database connections
    • Application: Application access, role based access to admin and business transactions/functions
  • Experience overseeing multi-functional technology groups comprised of positive partnerships such as solution sponsors, engineers, and support to promote commercial solutions architecture and management practices
  • Prior experience in managing or implementing a commercial solution is desirable

To fulfill this role successfully, you must possess the following minimum qualifications and experience:

  • High School Diploma/GED
  • Three (3) years of related experience
  • Travel up to 30% of the time

It would be advantageous in this position for you to demonstrate the following capabilities and distinctions:

  • Five (5) years of related experience
  • Certification in CISSP

INF0109K