Hyatt - Chicago, IL

posted about 1 month ago

Full-time - Mid Level
Remote - Chicago, IL
Accommodation

About the position

The Senior Analyst, Cyber Security Operations at Hyatt is responsible for ensuring the global security of guests, colleagues, and hotels. This role involves managing the Security Information and Event Management (SIEM) system, developing detection mechanisms to identify and mitigate security threats, and creating automation workflows to streamline security operations. The analyst will collaborate with the Cyber Security team and Managed Security Service Provider (MSSP) to enhance Hyatt's security posture and respond to cyber incidents effectively.

Responsibilities

  • Manage the day-to-day cyber security operations in partnership with MSSP, including investigation, containment, and remediation of incidents.
  • Develop and maintain runbooks for potential incidents, documenting responsibilities of stakeholders.
  • Respond to Cyber Security incidents, ensuring identification, mitigation, and remediation of malicious activities.
  • Design, implement, and maintain SIEM and threat detection content, including dashboards and detection rules.
  • Continuously research and hunt for tactics used by advanced threat groups and develop detection mechanisms.
  • Create automations, scripts, and workflows using SIEM and automation tools to streamline SOC processes.
  • Collaborate with development and operations teams for efficient monitoring and logging of security events.
  • Incorporate threat intelligence feeds for enrichment and alerting in the SIEM.
  • Advise leaders on actions during security events and potential threats to the company's security posture.
  • Ensure compliance with regulations and standards such as Data Privacy and PCI-DSS.
  • Mentor and develop talent within the team.

Requirements

  • Bachelor's degree in Computer Science, Cybersecurity, Information Security, or related field, or equivalent experience and certifications.
  • 3-5 years of information security experience with a focus on Security Operations and Incident Response.
  • 3 years of experience in a Cyber Security Operations Center (SOC) or Incident Response team.
  • Proficiency with SIEM platforms (e.g., Splunk) and security automation tools.
  • Experience with security tools such as EDR, IDS/IPS, SWG, firewalls, and intelligence platforms.
  • Cyber Security related certifications (e.g., SANS, CISSP, Splunk Power User) preferred.
  • Technical knowledge of Linux, Windows, or macOS systems and cloud services (AWS, Azure).
  • Experience with log analysis tools and query languages.
  • Experience with scripting languages (e.g., Python, PowerShell).
  • Familiarity with cyber kill chain, MITRE ATT&CK framework, and threat hunting.
  • Experience with ServiceNow or similar ticketing platforms.

Nice-to-haves

  • Cyber Security related certifications (e.g., SANS, CISSP, Splunk Power User) are preferred but not mandatory.

Benefits

  • Travel Perks and Benefits for both ALG Vacations and Hyatt
  • Medical, Dental and Vision Insurance
  • Basic Life Insurance
  • Short- & Long-Term Disability
  • Paid Parental Leave
  • Corporate Wellness Program
  • Travel Discounts & Deals
  • Paid Time Off & Holidays
  • 401(k) Plan with Company Match