Information Security Analyst

Need 10 years of experience

Job Description :

What will I be doing?

We seek a candidate who has the technical expertise and communication skills to work closely with other teams at Hilton, such as infrastructure, cloud, external contractors, field-level IT resources, and risk management teams, as well as unaffiliated security researchers who participate in the Hilton Bug Bounty Program (BBP).

As a Senior Cyber Security Analyst on the SecPEN team, your primary responsibilities will include assisting developers with remediating vulnerabilities discovered from security testing, triaging findings that are submitted to the Hilton BBP, as well as developing Hilton BBP KPI reports for senior management.

What are we looking for?

Responsibilities :

• Track the lifecycle of bug bounty reports submitted through the Hilton Bug Bounty Program (BBP) assuring that program SLAs are met.
• Triage security vulnerabilities that are disclosed through the Hilton BBP.
• Facilitate communications as needed between the BBP and Hilton's various engineering teams, development teams, and finders.
• Collaborate with Hilton's Risk and Incident Response teams as needed to facilitate the management of reported security vulnerabilities.
• Schedule and assist with penetration and remediation testing for a wide variety of Hilton assets.
• Process and track all bug bounty payments to researchers and provide monthly expenditures.
• Analyze the data produced by Hilton's Bug Bounty Program using to surface trends and other insights which can be utilized to positively affect Hilton's security.
• Assist with the development of internal tooling to benefit the penetration testing and BBP programs.

We believe that success in this role will demonstrate itself through the following attributes and skills :

To fulfill this role successfully, you should demonstrate the following minimum qualifications :

It would be helpful in this position for you to demonstrate the following capabilities and distinctions :