Hyatt Analyst, Cyber Security Governance, Risk Management, and Compliance in CHICAGO, Illinois
At Hyatt Hotels, Cyber Security is a very important part of our mission to take care of people so they can be their best. The Analyst – Cyber Security Governance, Risk Management, and Compliance (GRC) plays a crucial role in completing that mission every day by ensuring that Hyatt manages our known risks and complies with regulatory mandates. The Analyst ensures compliance with Cyber Security regulations that Hyatt must follow, tracks compliance to the enterprise Risk Management Framework, and works to remediate identified security vulnerabilities in a timely manner.
It is important that Hyatt maintain an effective cyber security compliance program and the Analyst plays the most important role in that function.
- Work with properties to complete the yearly PCI attestation process and ensure all properties follow the established completion timelines.
- Act as a point of contact for compliance questions from the field and other business units.
- Track the remediation of identified cyber security risks and maintain Hyatt’s cyber security risk register.
- Monitor Hyatt’s Cyber Security Data Loss Prevention tools for signs that confidential information is being improperly handled.
- Work with an external vendor to continuously perform security awareness testing on Hyatt colleagues.
- Demonstrate a commitment to Hyatt Core Values The position responsibilities outlined above are in no way to be construed as all encompassing. Other duties, responsibilities, and qualifications may be required and/or assigned as necessary.
Experience * At least two years of experience in the Cyber Security Governance or Auditing professions are preferred; however any combination of experience, education, and certification that demonstrates the candidate can be successful in the position is acceptable.
Education * A Bachelors degree or better in Cyber Security, Information Systems Auditing, or any other security-related subject is preferred; however any combination of education, experience, and certification that demonstrates the candidate can be successful in the position is acceptable.
Certificates, Licenses, Registrations * A CISSP or CISA certification is preferred; however any combination of certification, education, and experience that demonstrates the candidate can be successful in the position is acceptable.
Computer Skills * Experience with and understanding of the requirements of the Payment Card Industry Data Security Standard (PCI-DSS) is required. * Experience with and understanding of the control requirements of the Center for Internet Security Critical Security Controls (CSC20) is preferred. * Experience with project management or tracking remediation of cyber security vulnerabilities is preferred. * Familiarity with phishing and user awareness testing tools is preferred.
Additional Comments and Requirements * Ability to travel worldwide on an as-needed basis in an emergency is required (up to 5% of total work hours). * Position is located on-site at Hyatt headquarters in Chicago, IL. Remote work may be permitted for the ideal candidate.
Primary Location: US-IL-Chicago
Organization: Hyatt Corporate Office
Pay Basis: Yearly
Job Level: Full-time
Req ID: CHI009579
Hyatt is an equal employment opportunity and affirmative action employer. We do not discriminate on the basis of race, color, gender, gender identity, sexual orientation, marital status, pregnancy, national origin, ancestry, age, religion, disability, veteran status, genetic information, citizenship status or any other group protected by law.