Our foundation in family goes back to 1957, when entrepreneur Jay Pritzker purchased the original Hyatt House motel. Pritzker and his brother, Donald, worked to grow the Hyatt brand, powered by their belief in the importance of family and care. As of March 31, 2020, Hyatt is a global hospitality company with 20 premier brands and more than 900 hotel, all-inclusive, and wellness resort properties in over 65 countries across six continents.
With more than 127,000 colleagues across 65 countries, we embrace all cultures, races, ethnicities, genders, sexual orientations, ages, abilities, perspectives, and ways of thinking. Our culture is one that empowers every individual to be his or her best, and such authentic connection inspires the way we care for each other and for our guests.
Be a part of something bigger. Enjoy life every day. Make a difference in the lives of those around you. Love where you work. Join a company that values respect, integrity, humility, empathy, creativity, and fun. With careers spanning the globe, your perfect opportunity awaits. Discover why Hyatt is consistently ranked one of the world’s best places to work.
Industry : Other Industry
Department : IT and Computers
Location : Chicago, United States
Level : Staff Line level
Posted : 26 May 2022
Job Role : Other Role
Recruiter : Hyatt Hotels
Job Ref : HOZ61452
Employment Type: Permanent
Job Type :
Validate Through : 2022-07-25
Salary Description: Competitive Salary Offered
Description
This is an exciting, fully remote opportunity to join the Cyber Security organization at Hyatt. The Senior Analyst - Cyber Security Compliance Operations role will report to the Manager, Cyber Security Compliance Operations, leading Hyatt's Third-Party Risk Management (TPRM) enterprise program from a cybersecurity perspective. As a member of the Cyber Security Compliance Operations team, you will implement and manage formalized processes for evaluating, selecting, monitoring and auditing our third-party vendors, while also working with business partners to support their specific needs and timelines.
Qualifications
Position Responsibilities / Essential Functions
•Support Hyatt's global Third Party Risk Management (TPRM) Program, which includes developing, enhancing and maintaining the process through the use of automation tools including third-party/GRC platform.
•Create and maintain governance documentation on our global TPRM program, which includes policies, standards, procedures, risk definitions and requirements.
•Plan and conduct third-party vendor assessments focusing on compliance with regulations, company policies and internal controls. Communicate risks and track remediation plans.
•Identify key program metrics to measure the effectiveness of the program including creation of reports and scorecards.
•Communicate TPRM initiatives with various stakeholders across Hyatt.
•Work with Legal and Procurement to integrate TPRM processes for vendor selection and contract negotiations. Conduct contract reviews to ensure cyber security provisions are in place.
•Participate in Cyber Security Governance, Risk and Compliance processes to provide guidance on security risks and improve security posture.
•Be the champion of change and process improvements by actively seeking opportunities to automate and improve processes throughout the organization.
•Work with various business owners to understand the challenges they face and how to improve efficiency throughout their organization through automation and process improvements.
•Demonstrate a commitment to Hyatt core values (included in all job descriptions).
•The position responsibilities outlined above are in no way to be construed as all encompassing. Other duties, responsibilities, and qualifications may be required and/or assigned as necessary (included in all job descriptions).
Experience
•Minimum of 3-5 years or a combination of work experience within Cyber Security domains such as Governance, Risk & Compliance and Third Party Risk Management.
•Deep understanding of and experience with organizational process improvements, working with Governance, Risk and Compliance (GRC) platforms, and workflow automation platforms.
•Experience in risk assessment that includes third party and security assessments.
•Deep understanding of risk frameworks and risk methodologies including NIST, CIS, COBIT and ISO.
•Knowledge of SOC reports, ISO certifications, PCI report on compliance and any independent attestation reports that may include compliance and privacy regulations.
•Experience with creating and implementing cybersecurity policies, standards, and procedures.
•Knowledge of information systems terminology, controls, and practices.
•Proactive self-starter with the ability to work independently and as part of a larger team.
•Strong verbal and written communication and presentation skills.
•Ability to effectively interact with different areas and levels of the organization (especially leadership).
Education
•Bachelor's degree in Cyber Security, Information Systems, or related discipline.
Certificates, Licenses, Registrations
•Certifications (Desirable): CISA, CISM, CISSP, Six Sigma, ITIL, PMP
Computer Skills Needed to Perform this Job
•Expert user of Microsoft suite (Word, PowerPoint, Excel)
•Experience with GRC and/or Workflow Automation Platforms (e.g. Archer, MetricStream, ZenGRC, LogicGate, etc.)
Additional Comments and Requirements
•Ability and willingness to operate in a fast-paced, complex corporate environment
•Travel may include approximately 5% of work time
Atithi Jaiswal
Mumbai, India