Senior Manager Cyber Security Operations (Remote Opportunity)

The Opportunity

At Hyatt Hotels, Cyber Security is an essential component of our mission to take care of people so they can be their best. The Senior Manager of Cyber Security Operations plays a crucial role in completing that mission every day by ensuring the global security of our guests, colleagues, and hotels. In this role, you will be collaborating closely with the broader Cyber Security team, where you’ll be instrumental in continuing to make Hyatt a leading hospitality company. You will be part of a team passionate about diversity, equity, and inclusion, committed to nurturing curiosity and new skills and building connections across the organization with stakeholders, colleagues, and guests.

Who We Are

At Hyatt, we believe in the power of belonging and creating a culture of care, where our colleagues become family. Since 1957, our colleagues and guests have been at the heart of our business and helped Hyatt become one of the world's best and fastest-growing hospitality brands. Our transformative growth and the addition of new hotels, brands, and business lines can open the door for exciting career and growth opportunities for our colleagues.

As we continue to grow, we never lose sight of what’s most important: People. We turn trips into journeys, encounters into experiences, and jobs into careers.

Why Now?

This is an exciting time to be at Hyatt. We are growing rapidly and are looking for passionate changemakers to be a part of our journey. The hospitality industry is resilient and continues to offer dynamic opportunities for upward mobility, and Hyatt is no exception.

How We Care for Our People

Our purpose sets us apart—to care for people so they can be their best. Every business decision is made through the lens of our purpose, and it informs how we have and will continue to support each other as members of the Hyatt family. Our care for our colleagues is the key to our success. We’re proud to have earned a place on Fortune’s prestigious 100 Best Companies to Work For® list for the last ten years. This recognition is a testament to the tremendous way our Hyatt family continues to come together to care for one another, our commitment to a culture of inclusivity, empathy, and respect, and making sure everyone feels like they belong.

We’re proud to offer exceptional corporate benefits which include:

•Annual allotment of free hotel stays at Hyatt hotels globally

•Flexible work schedules

•Work-life benefits including well-being initiatives such as a complimentary Headspace subscription, and a discount at the on-site fitness center

•A global family assistance policy with paid time off following the birth or adoption of a child as well as financial assistance for adoption

•Paid Time Off, Medical, Dental, Vision, 401K with company match

Our Commitment to Diversity, Equity, and Inclusion

Our success is underpinned by our diverse, equitable, and inclusive culture and we are committed to diversity across the board—from whom we hire and develop, the organizations we support, and whom we buy from and work with.

Being part of Hyatt means always having space to be you. Our global teams are a mosaic of cultures, ethnicities, genders, ages, abilities, and identities. We constantly strive to reflect the world we care for with teams that achieve and grow together. To learn more about our commitments to DE&I, please visit the Why Hyatt section of the Hyatt career page.

Who You Are

As our ideal candidate, you understand the power and purpose of our Culture of Care and embody our core values of Empathy, Inclusion, Integrity, Experimentation, Respect, and Well-being. You enjoy working with others, are results-driven, and seek various opportunities to develop personally and professionally.

The Role

The Senior Manager of Cyber Security Operations will be responsible for managing a team of analysts that make up the Security Operations Center (SOC) as well as a Managed Security Service Provider (MSSP) to ensure detections generated by Cyber Security controls are actioned promptly.

The Senior Manager of Cyber Security Operations will also be responsible for developing new and novel methods of detecting Cyber Security incidents, responding to positive detections, and escalating them to various stakeholders in the organization. This highly technical role will have a high degree of visibility throughout the organization and will have a deeply meaningful impact on the safety and security of guest and colleague data.

Responsibilities:

•Provide management of both the in-house SOC team and MSSP services.

•Manage Cyber Security incidents impacting the organization by supervising the incident response process.

•Develop intimate knowledge of the computing environment and use that knowledge to differentiate legitimate from illegitimate behaviors.

•Responsible for resource management, scheduling, security event/incident identification, resolution, and escalation.

•Report metrics and scorecards to measure the effectiveness and efficiency of detection and response capabilities.

•Prepare and present updates for senior leadership on threat detection program performance.

•Review past incident response performance with the SOC team to identify potential program improvements.

•Maintain SOC documentation, including management and updates of relevant procedures, standards, runbooks, playbooks. Ensure updates to SOC documentation are aligned with evolving requirements and threats.

•Partner with the Cyber Security Engineering team and other stakeholders to optimize control effectiveness and workflows.

•Serve as a key cybersecurity SME; advise leaders across the organization on actions to take during security events and potential or active threats to the company’s security posture, as well as our third parties, key partners, and acquired entities.

•Work closely with Cyber leadership on setting strategic direction and continuous improvement of the SOC. Perform routine capability and maturity assessments and long-range planning, as well as evaluation of current and future-state toolsets and partnerships.

•Ensure that SOC team fulfills various compliance requirements related to Data Privacy, PCI-DSS monitoring, and SEC reporting.

•Mentor, coach, and develop talent within the team.

•Demonstrate a commitment to Hyatt's core values.

•Rotational on-call availability to support SOC team on escalations that occur outside business hours.

•Must be willing to work off-shift hours, as needed, during incidents. Must also be available for on-call rotation.

Experience Required: 

•Minimum of ten years of experience in cybersecurity and a bachelor's degree; however, any combination of experience, education, and certification that demonstrates the candidate can be successful in the position is acceptable.

•5 years of experience directly managing technical staff in a Cyber Security Operations Center (SOC) or Incident Response team.

•Experience working with Extended Detection and Response (EDR) software.

•Experience working with a third-party Managed Security Service Provider (MSSP).

•Experience preparing and presenting status updates for executive leadership.

•Experience reviewing and updating Cyber Security Incident Response documentation.

•Proficient in Splunk, analyzing the data for anomalies and trends, and building alerts, and dashboards highlighting the key trends of the data.

•Knowledge of information systems terminology, controls, and practices.

•Proactive self-starter with the ability to work independently and as part of a larger team.

•Strong verbal and written communication and presentation skills.

•Ability to effectively interact and communicate with different areas and levels of the organization, including executive leadership and non-technical stakeholders.

•Exhibits deep understanding and functional expertise with relevant compliance and standards requirements across multiple countries and divisions.

•Experience in a security leadership role working with privacy, legal, risk, and audit teams to ensure strong cooperation and collaboration.

•Ability to handle time-sensitive situations with a calm and serious attitude while maintaining an appropriate sense of urgency.

•Excellent interpersonal skills and ability to create collaborative relationships with colleagues across various groups and levels and influence without authority.

•Experience with ServiceNow or similar ticketing platform with the ability to create reports, identify trends, and manage a ticket queue.

•Ability and willingness to operate in a fast-paced, complex corporate environment.

•Ability to travel which may include approximately 10% of work time.

Experience Preferred: 

•Experience working in an organization with a Franchise model preferred.

•Experience working in a high-intensity threat actor environment preferred.

•CISM, CISSP, GCIH, or any of the equivalent GIAC, ISC2, or ISACA certifications.

•Splunk Core Certified Power User or higher certification.

•Experience with Cisco, Windows, Linux & macOS systems administration

•Familiarity with cutting-edge security technologies such as Zero-Trust Network Access, Password less Authentication, Artificial Intelligence, Cloud Security, Endpoint Detection and Response, and Extended Detection and Response (XDR).

•Familiarity with threat hunting and adversary tactics and techniques (i.e., MITRE ATT&CK).

•Strong negotiation skills and the ability to build constructive relationships with diverse groups of people, including internal stakeholders and external stakeholders (i.e., vendors, ISACs, etc.)

•Knowledge of Cloud Services such as AWS, Azure, Office 365, and Microsoft Entra ID

•Expert user of Microsoft Suite (Outlook, Excel, PowerPoint & Word).

The position responsibilities outlined above are in no way to be construed as all-encompassing. Other duties, responsibilities, and qualifications may be required and/or assigned as necessary.

We welcome you:

Research shows that women, people of color, and other historically excluded groups, tend to apply to jobs, only if they meet all the listed job qualifications. Unsure if you check every box, but feeling inspired to enhance your career? Apply. We’d love to consider your unique experiences and how you could make Hyatt even better.