Responsible for executing, maintaining, and advancing processes and solutions to proactively identify threats, monitor security events, and collect, correlate, and analyze data to detect actual or potential suspicious activity and unauthorized accesses to Starwood’s networks, systems and data.
Triage security events and oversee resolution globally. Areas of Focus and Responsibility
Understand current and emerging threats in the hospitality industry through the establishment of strong relationships with threat intelligence organizations
Build and Maintain close relationships with key IT stakeholders and technology teams at the properties, to assist in reduction of risk and enhancement of security posture
Manage ongoing operations of threat and security event, incident response programs
Review and analyze threat intelligence and work collaboratively with security and technology and teams to identify, validate, and raise awareness of areas of weakness in the Starwood technology environment
Conduct forensic analysis and perform incident root-cause analysis as needed
Create and maintain metrics and management level reports
Requires a close relationship with leadership and solutions delivery resources including on shore and off shore Accenture application development and run teams, divisional IT leadership and IT Risk Managers, and enterprise business unties that develop/support their own applications
Requires a good relationship between other members of the Information Risk & Security Team, Other Starwood I.T. and business Teams, Vendors, and partners.
College Degree in Computer Science or course of study or a minimum of 7 years in Information Security
Experience in threat and security event / incident response
Information Security Certifications (CISSP, SANS/GIAC, ISC2, etc)
Certification in Incident Response and/or Digital Forensics a plus.
5-10 years hands on experience
A thorough understanding of the OSI model
Knowledge of TCP/IP networking
Knowledge of commonly used ports and protocols
Knowledge of global threats, in particular the hospitality industry
Essential – Experience in threat, and security event / incident response in large organizations
Working knowledge of forensic tools/processes, in particular, EnCase (strong plus)
Working knowledge of Windows and Unix Operating Systems
Working knowledge of SIEM operations