Senior Information Security Analyst

TravelCLICK, Inc   •  

Orlando, FL

Industry: Hospitality & Recreation

  •  

5 - 7 years

Posted 46 days ago

This job is no longer available.

Responsibilities

  • Stay current on security technology and threats applicable to TravelClick® and Amadeus® Hospitality environment
  • Plan, implement, manage, monitor and upgrade security measures for the protection of TravelClick® networks, systems, applications, customers and data
  • Assist in proof-of-concept activities for innovation initiatives to ensure coverage of information security requirements
  • Tests for vulnerabilities by conducting periodic scans of networks, executing penetration testing, and other offensive strategies
  • Support application security automation
  • Provide secure coding guidance to development staff
  • Ability to threat model enterprise applications
  • Perform architecture reviews of developed software applications and technical systems
  • Use an information security architecture framework and methodology to enable reuse of information security components across the enterprise
  • Understanding of key InfoSec regulations & frameworks (PCI, ISO 27001, GDPR)
  • Assist with the analysis and administration of Web Application Firewalls
  • Respond to and investigate potential and confirmed security incidents. Identify, contain and eradicate unauthorized access or processes. Document the entire incident response process
  • Support security analysts with additional technical analysis of events or incidents
  • Participate in Vulnerability and Threat Management program
  • Create and maintain documentation as it relates to security designs/configurations, processes, and requirements
  • Experience with scripting in Bash or Python or other similar scripting languages
  • Perform root cause analysis on security incidents
  • Follow a structured change control process
  • Participate in on-call rotations
  • Other duties as assigned

Basic Qualifications

Basic Qualifications

  • High School Diploma/GED required
  • 6+ years of experience engineering and administering security technologies
  • 2+ years of experience working in an enterprise Linux environment
  • Experience with application and network penetration testing
  • Experience with SIEM tools such as Splunk, ArcSight, QRadar
  • Experience with Vulnerability Management tools such as Tenable Nessus or Qualys
  • Exposure to EDR tools such as CrowdStrike, Carbon Black, or LimaCharlie
  • Experience with containerization (Docker, Kubernetes)
  • Experience with scripting languages or development languages

Additional Characteristics

  • Bachelor's degree or higher from an accredited institution or relevant work experience
  • 2+ years of experience with securing cloud infrastructure (Azure, AWS, Google)
  • Experience with Web Application Firewalls
  • Experience with Infrastructure as Code toolsets (Terraform or similar)
  • 2+ years of experience with Linux Systems Administration preferred
  • Experience with Windows Server and PowerShell preferred but not required
  • Information Security Certifications such as SSCP, CISSP, OSCP, CEH preferred but not required
  • Excellent oral and written communication skills with the ability to communicate security concepts to a technical and non-technical audience including senior management
  • Outstanding organizational skills and ability to prioritize
  • Ability to establish positive relationships quickly; work effectively cross-functionally
  • Work well under pressure by effectively managing multiple priorities and initiatives in a fast pace environment
  • Strong integrity and ethical behavior
  • Experience in the technology, hospitality and or travel industry preferred but not required