The #1 Site for IT and Engineering Jobs - search all IT and Engineering  jobs.
M8x0yy5ywsz01yf506t

Sr. Lead, Cyber Assessor Penetration Tester

Job Description

***This position can be based in Memphis, TN; Dallas, TX; McLean, VA or Remote***


From smartphone capabilities like Digital Key to connected rooms that allow for integrated entertainment, temperature and lighting controls, Hilton's Global Technology team builds the hospitality experience of the future - for our guests, owners and Team Members. Through innovative technology development and deployment, this team ensures Hilton has the technology needed to support our continued global growth while remaining at the forefront of hospitality technology innovation.


What will I be doing?

As the Senior Lead Cyber Assessor Penetration Tester, you will be executing penetration, vulnerability, and security assessments across a variety COTS and custom applications and platforms. The scope of your work will include performing security penetration testing in various environments, simulating real-world cyber-attack scenarios against technologies related to hospitality and lodging, and conducting a security red team exercise. You will provide actionable recommendations and mentorship for clients based on your assessment findings.


More specifically, you will:
  • Perform security penetration testing in various environments, simulate real world cyber-attack scenarios against a plethora of technologies related to hospitality and lodging, as well as successfully conduct a security red team exercise.
  • Provide actionable recommendations and guidance for clients based on the assessment findings.
  • Learn and execute on any client requests and form positive partnerships with customer staff in structured and unstructured situations.
  • Present the results of penetration tests to client partners to include senior or executive leadership.
  • Use your solid grasp and deep understanding in Information Technology and security vulnerabilities to simulate threat modeling and attack scenarios.
  • Utilize your experience ranking vulnerabilities based on context and possible impact.




What are we looking for?


We are seeking problem solvers who are passionate about growing market share in a dynamic industry and who love to combine their analytical skills with business insight. We believe success in this role will demonstrate itself through the following attributes and skills:
  • Motivated Self-Starter with 'Can do' attitude that takes initiative and has the ability to spin up quickly on technologies, challenging opportunities, topics, and advances in the cyber security field that require ongoing learning and self-training
  • Good interpersonal, verbal, and written communication skills to successfully accomplish client-facing interactions and presentations to positively influence Hilton's partners
  • Experience with multiple Information Security domains: Cyber Architecture, Endpoint Protection, Network Security, Infrastructure Security, Application Security, Database and Platform Security, Identity and Access Management, Policy and Governance, Cloud Security, RFID, BLE, Encryption, Penetration Testing, Vulnerability Scanning and Management, and Compliance and Risk Management
  • Deep understanding of the cyber threat landscape to include Advanced Persistent Threats, Cyber Crime, Hacktivism; specifically, the tactics, techniques and procedures they apply to a cyber-threat
  • Solid grasp of attack method types and their usage in targeted attacks such as phishing, malware implantation, perimeter vulnerabilities, application vulnerabilities, lateral movement, etc.
  • Previous experience with penetration testing processes, tools, and technologies and extensive knowledge of standard methodologies regarding their implementation
  • Deep understanding of global regulatory and legislative cyber security and privacy requirements like HIPAA, GDPR, SOX, PCI, etc.
  • Previous experience working with the Kill Chain, Diamond Model of Intrusion, and similar frameworks and concepts
  • Knowledge of industry research and standard methodologies in penetration testing and red teaming
  • Solid skills in various operating systems and enterprise platforms to include: Windows, Linux/Unix, Mac OS, iOS, Android, Active Directory, .Net framework, Oracle business products, SAP, etc.
  • Previous experience with tools such as Qualys, Rapid7, Checkmarx, Burp Suite, Black Duck and SD Elements
  • An aptitude for effectively addressing any issue in collaboration with others

To fulfill this role successfully, you must possess the following minimum qualifications and experience:

  • Five (5) years of professional experience in the Information Technology/Information Security industry
  • Two (2) years of professional experience IT-related penetration testing activities
  • Experience with execution of a variety of penetration testing assessments and vulnerability assessments to include network penetration testing, web application penetration testing, RF and RFID, Bluetooth, Zigbee, mobile device penetration testing, IoT testing as well as physical and social engineering exercises
  • Experience with typical scripting and programming languages - to include PowerShell, Python, VBA, JavaScript, C++, SQL, etc.
  • Experience developing vulnerability reports with detailed finding descriptions, test case reproduction steps, and prioritized recommendations
  • Cyber security certifications such as CISSP, CEH, GCIA, OSCP & OSCE
  • Ability to travel up to 25%

It would be advantageous in this position for you to demonstrate the following capabilities and distinctions:

  • BA/BS Bachelor's Degree
  • Consulting experience (internal or external)
  • Prior experience working on a security Red Team or other technical security assessment team
  • Prior experience leading a successful penetration testing program for a large organization
  • Prior experience conducting social engineering and client-side threats
  • Strong Kali Linux platform knowledge and skill working with standard penetration testing tools for discovery, vulnerability assessments, exploitation, post exploitation and social engineering
What will it be like to work for Hilton?

Hilton is the leading global hospitality company, spanning the lodging sector from luxurious full-service hotels and resorts to extended-stay suites and mid-priced hotels. For nearly a century, Hilton has offered business and leisure travelers the finest in accommodations, service, amenities and value. Hilton is dedicated to continuing its tradition of providing exceptional guest experiences across its global brands. Our vision to fill the earth with the light and warmth of hospitality unites us as a team to create remarkable hospitality experiences around the world every day. And, our amazing Team Members are at the heart of it all!



EOE/AA/Disabled/Veterans

Job Requirements

 

Job Snapshot

Location US-TN-Memphis
Employment Type Full-Time
Pay Type Year
Pay Rate N/A
Store Type IT & Technical
Apply

Company Overview

Hilton Corporate

We are Hilton. We are Hospitality. With hotels worldwide, we can offer opportunities to take your career to new and exciting places! Our vision is to “fill the Earth with the light and warmth of hospitality – by delivering exceptional experiences – every hotel, every guest, every time.” We do this by offering a global portfolio of brands that meet the highest standards of integrity, quality and service excellence. Join us now if you want to grow and develop personally and professionally with a legendary hospitality leader. Learn More

Contact Information

US-TN-Memphis
US Autopost

Icon-social-facebookIcon-social-glassdoorIcon-social-linkedinIcon-social-twitter
Snapshot
Hilton Corporate
Company:
US-TN-Memphis
Location:
Full-Time
Employment Type:
Year
Pay Type:
N/A
Pay Rate:
IT & Technical
Store Type:

Job Description

***This position can be based in Memphis, TN; Dallas, TX; McLean, VA or Remote***


From smartphone capabilities like Digital Key to connected rooms that allow for integrated entertainment, temperature and lighting controls, Hilton's Global Technology team builds the hospitality experience of the future - for our guests, owners and Team Members. Through innovative technology development and deployment, this team ensures Hilton has the technology needed to support our continued global growth while remaining at the forefront of hospitality technology innovation.


What will I be doing?

As the Senior Lead Cyber Assessor Penetration Tester, you will be executing penetration, vulnerability, and security assessments across a variety COTS and custom applications and platforms. The scope of your work will include performing security penetration testing in various environments, simulating real-world cyber-attack scenarios against technologies related to hospitality and lodging, and conducting a security red team exercise. You will provide actionable recommendations and mentorship for clients based on your assessment findings.


More specifically, you will:
  • Perform security penetration testing in various environments, simulate real world cyber-attack scenarios against a plethora of technologies related to hospitality and lodging, as well as successfully conduct a security red team exercise.
  • Provide actionable recommendations and guidance for clients based on the assessment findings.
  • Learn and execute on any client requests and form positive partnerships with customer staff in structured and unstructured situations.
  • Present the results of penetration tests to client partners to include senior or executive leadership.
  • Use your solid grasp and deep understanding in Information Technology and security vulnerabilities to simulate threat modeling and attack scenarios.
  • Utilize your experience ranking vulnerabilities based on context and possible impact.




What are we looking for?


We are seeking problem solvers who are passionate about growing market share in a dynamic industry and who love to combine their analytical skills with business insight. We believe success in this role will demonstrate itself through the following attributes and skills:
  • Motivated Self-Starter with 'Can do' attitude that takes initiative and has the ability to spin up quickly on technologies, challenging opportunities, topics, and advances in the cyber security field that require ongoing learning and self-training
  • Good interpersonal, verbal, and written communication skills to successfully accomplish client-facing interactions and presentations to positively influence Hilton's partners
  • Experience with multiple Information Security domains: Cyber Architecture, Endpoint Protection, Network Security, Infrastructure Security, Application Security, Database and Platform Security, Identity and Access Management, Policy and Governance, Cloud Security, RFID, BLE, Encryption, Penetration Testing, Vulnerability Scanning and Management, and Compliance and Risk Management
  • Deep understanding of the cyber threat landscape to include Advanced Persistent Threats, Cyber Crime, Hacktivism; specifically, the tactics, techniques and procedures they apply to a cyber-threat
  • Solid grasp of attack method types and their usage in targeted attacks such as phishing, malware implantation, perimeter vulnerabilities, application vulnerabilities, lateral movement, etc.
  • Previous experience with penetration testing processes, tools, and technologies and extensive knowledge of standard methodologies regarding their implementation
  • Deep understanding of global regulatory and legislative cyber security and privacy requirements like HIPAA, GDPR, SOX, PCI, etc.
  • Previous experience working with the Kill Chain, Diamond Model of Intrusion, and similar frameworks and concepts
  • Knowledge of industry research and standard methodologies in penetration testing and red teaming
  • Solid skills in various operating systems and enterprise platforms to include: Windows, Linux/Unix, Mac OS, iOS, Android, Active Directory, .Net framework, Oracle business products, SAP, etc.
  • Previous experience with tools such as Qualys, Rapid7, Checkmarx, Burp Suite, Black Duck and SD Elements
  • An aptitude for effectively addressing any issue in collaboration with others

To fulfill this role successfully, you must possess the following minimum qualifications and experience:

  • Five (5) years of professional experience in the Information Technology/Information Security industry
  • Two (2) years of professional experience IT-related penetration testing activities
  • Experience with execution of a variety of penetration testing assessments and vulnerability assessments to include network penetration testing, web application penetration testing, RF and RFID, Bluetooth, Zigbee, mobile device penetration testing, IoT testing as well as physical and social engineering exercises
  • Experience with typical scripting and programming languages - to include PowerShell, Python, VBA, JavaScript, C++, SQL, etc.
  • Experience developing vulnerability reports with detailed finding descriptions, test case reproduction steps, and prioritized recommendations
  • Cyber security certifications such as CISSP, CEH, GCIA, OSCP & OSCE
  • Ability to travel up to 25%

It would be advantageous in this position for you to demonstrate the following capabilities and distinctions:

  • BA/BS Bachelor's Degree
  • Consulting experience (internal or external)
  • Prior experience working on a security Red Team or other technical security assessment team
  • Prior experience leading a successful penetration testing program for a large organization
  • Prior experience conducting social engineering and client-side threats
  • Strong Kali Linux platform knowledge and skill working with standard penetration testing tools for discovery, vulnerability assessments, exploitation, post exploitation and social engineering
What will it be like to work for Hilton?

Hilton is the leading global hospitality company, spanning the lodging sector from luxurious full-service hotels and resorts to extended-stay suites and mid-priced hotels. For nearly a century, Hilton has offered business and leisure travelers the finest in accommodations, service, amenities and value. Hilton is dedicated to continuing its tradition of providing exceptional guest experiences across its global brands. Our vision to fill the earth with the light and warmth of hospitality unites us as a team to create remarkable hospitality experiences around the world every day. And, our amazing Team Members are at the heart of it all!



EOE/AA/Disabled/Veterans

Job Requirements

 
Sologig Advice

For your privacy and protection, when applying to a job online: Never give your social security number to a prospective employer, provide credit card or bank account information, or perform any sort of monetary transaction.Learn More

By applying to a job using sologig.com you are agreeing to comply with and be subject to the workinretail.com Terms and Conditions for use of our website. To use our website, you must agree with theTerms & Conditionsand both meet and comply with their provisions.
Sr. Lead, Cyber Assessor Penetration Tester Apply now