The Information Security Engineer 3 is an experienced technical member of a dynamic cybersecurity incident response team.
What you will do...
- This role enables the Incident Response team by configuring and maintaining multiple enterprise security tools, by developing new alerts for emerging TTPs used by adversaries, and by working closely with other InfoSec teams to ensure data sources are formatted and ingested effectively.
- Develops and maintains Incident Response tools, logs, configs and alerts
- Uses enterprise security tools to identify and respond to threats
- Participates in and performs incident response activities when necessary
- Assesses the production environment continuously to ensure compliance with Choice Hotels Information Security Policies and Standards and business needs
- Maintains and tunes security technologies such as SIEM, WAF, EDR across Choice systems and networks
- Assists in the development of standards and selection criteria to identify appropriate security solutions to support business needs and security requirements
- Evaluates proposed changes that affect the technology environment to identify potential security gaps, and recommends mitigating controls or options, including partnering with other teams to perform security testing
Skills you have...
Education, Experience and Knowledge
- Bachelor's degree (B.S.) or equivalent; or four years related experience and/or training; or equivalent combination of education and experience.
- Minimum of 8 years professional Information Technology experience.
- Minimum of 4 years professional Information Security / Cybersecurity experience.
- Previous experience deploying, configuring or maintaining enterprise-class security products such as SIEM, WAF, AV, EDR, NAC, etc.
- Expert understanding of enterprise networking principles, systems and associated security tools
- Analytical abilities to think critically with a desire to identify and solve complex problems
- Excellent communication skills: verbal, written and listening
- Exemplary interpersonal skills to interact effectively in a team-oriented office environment
- Able to work under pressure and balance workload to ensure measurable progress on multiple high priority tasks.
- Ability to manage and prioritize multiple assignments supporting business as usual, user requests as well as special projects.
- Able to work both independently as well as collaboratively achieving results within established timeframes with minimal supervision.
- Ability and willingness to work long or late hours, based on system release and/or network update schedules
- Must be able to uphold Choice's Values & Performance Principles of collaboration, performance excellence, sense of urgency, openness to new ideas, inclusion & diversity, integrity, customer focus, and respect.
- Previous experience developing/deploying custom alerts for APT or Red Team style TTPs
- Creativity to configure security tools to detect hard-to-see bad guys
- Proficiency in scripting to automate tasks or run searches a plus
- Knowledge or experience with cloud security products or platforms
- Information Security certifications such as: SANS, ISC2, ISACA, etc.
We are an equal opportunity employer and make hiring decisions based on merit. Recruitment, hiring, training, and job assignments are made without regard to race, color, national origin, age, ancestry, religion, sex, sexual orientation, gender identity, gender expression, marital status, disability, or any other protected classification. We consider all qualified applicants, including those with criminal histories, in a manner consistent with state and local laws, including the City of Los Angeles' Fair Chance