Engineer, Information Security Incident Response

Hilton Corporate
Mclean, VA
Oct 12, 2017
Oct 20, 2017
Full Time
This position can be based in one of our corporate offices in McLean, VA or Memphis, TN or Dallas, TX or Tampa, FL The Information Security Engineer for Incident Response will be responsible for preparing for, responding to, and remediating information security incidents to ensure anomalous and unauthorized activity is addressed with expediency to protect the Company's information assets and reduce interruptions to business processes.What will I be doing?The Information Security Engineer for Incident Response will drive information security practices and processes for incident response throughout the organization. The Information Security Engineer will balance business priorities, information security risks, emerging threats, and best practices to ensure the confidentiality, integrity, and availability of the Company's information assets. This position will require a strong information security professional, who can identify potential risks and develop achievable and effective strategies, as well as a strong security industry knowledge that evolves with current and emerging threats and an ongoing understanding of key business and technological processes.Other key priorities are listed below: Responsible for responding to information security incidents across the enterprise, using the information security policies, standards, guidelines, and industry best practices to remediate the incident and restore normal business operationsPlay an important role in maintaining the information security controls that enable Hilton to operate efficiently and cost effectively, as well as maintain complianceResponsible for assisting others in interpreting, understanding, and applying information security policies and standards to mitigate information security risksWork closely with other members of the Information Security and Compliance organization in a collaborative and goal oriented mannerEnhance Hilton's information security incident response program, including the lifecycle of an information security incident from pre-incident preparation to final incident reportProvide guidance and technical leadership in information security incidents to Information Technology teams by referencing and enforcing standard methodologies and approachesEnsure timely response and resolution to anomalous behaviors in a matrixed and outsourced environmentCollaborate with business partners, key stakeholders, and internal departments to formulate technical response strategies to address information security incidentsProvide technical guidance for the detection and remediation strategies of information security incidents enterprise-widePerform root cause analysis of incident(s)Identify and remove new malware variants as needed; sending samples to the anti-virus companiesCorrelate multiple data sources, analyzing the facts, determining the best remediation strategy, and remediating until incident is contained and resolvedUpdate incident history in real time and write final incident reportsWhat are we looking for?To fulfill this role successfully, you must possess the following minimum qualifications and experience:High School Degree/GEDA minimum of Three (3) year of Information Security Incident Response experience, including detecting and investigating anomalies, containing and remediating identified incidents, securely gathering malware samples and sending to anti-virus companies, and writing up information security incident reports for executive reviewAbility to travel as required (1-2 times annually)It would be advantageous in this position for you to demonstrate the following capabilities and distinctions:Bachelor's Degree in Information Technology, Computer Science or Computer EngineeringA minimum of Five (5) years of professional experience Experience with web application firewalls, firewalls, IPS, network topologies and protocols, web content filtering/proxies, load balancers, UNIX/LINUX, identity management, access management, active directory, DNS, password management, DLP, logging, SIEM, and security event correlation and analyticsKnowledge of hotel-based IT systems and applicationsAdvanced certifications such as CISSP, CISM, CEH, CWSP, GCWN, etc.What will it be like to work for Hilton?Hilton is the leading global hospitality company, spanning the lodging sector from luxurious full-service hotels and resorts to extended-stay suites and mid-priced hotels. For nearly a century, Hilton has offered business and leisure travelers the finest in accommodations, service, amenities and value. Hilton is dedicated to continuing its tradition of providing exceptional guest experiences across its global brands. Our vision to fill the earth with the light and warmth of hospitality unites us as a team to create remarkable hospitality experiences around the world every day. And, our amazing Team Members are at the heart of it all! EOE/AA/Disabled/Veterans

Similar jobs