CISSP Jobs - IT Security Engineer, 11260

at Best Western Hotels and Resorts
Location Phoenix, AZ
Date Posted May 3, 2018
Category Default
Job Type Full-time


IT Security Engineer

You are a forward-looking systems administrator or network administrator with strong IT security knowledge. You are seeking an opportunity to have a real impact on a company’s information security future. You have a strong foundation of implementing information security initiatives and designs and you desire a chance to be on the front lines of IT security for an international company. In short you seek an opportunity to help propel a company’s security structure to the next level. At Best Western, in Phoenix AZ, we want to empower a new IT Security Engineer to work with a strong team of architects, engineers and analysts to do exactly that. You will implement new system architectures with a security-related focus across all sectors of the company. Capitalizing on your creativity will positively influence the outcome of your projects. Keeping up with relevant technologies and contributing your voice for security will drive innovation and unite company efforts for consistent system security. As our Senior IT Security Engineer, you will ensure the confidentiality, integrity, and availability of company data and information technology assets by leading information security policy enforcement and risk management activities.  If this sounds like the challenge you seek, apply today!

In this role you will be responsible for engineering and implementing security architecture solutions in support of application development and infrastructure projects. Working closely with technical managers and leads, you will ensure secure solutions are properly addressed in all phases of development and infrastructure projects. This will include:

  • Research security advisories and threat intelligence sources.  Evaluate impacts to Best Western's infrastructure and advise on appropriate actions to protect the organization's network and systems. 
  • Define, document, review, and execute response procedures to effectively manage security incidents. 
  • Support year-round compliance with PCI-DSS and other regulatory mandates.
  • Update and enforce Information Security Policies and Procedures. 
  • Provide leadership and guidance to junior team members in improving their skills at the Analyst or Engineer level. 
  • Review findings from security-focused application code scanning tools.  Collaborate with development teams to implement solutions that address significant findings.

You will bring to the table at least 2 years of experience in information security in a large-scale environment, with strong knowledge of vulnerability assessment, SIEM, and intrusion detection methodologies. Alternatively, you will have at least 3 years of experience in systems/network administration with knowledge in the security area. You will have strong communication skills including the ability to communicate effectively with non-technical people. Ideally (but not required) you will have a CISSP, CISA, SANS certifications, CEH or related information security experience. Additionally, you will have experience or knowledge in the following areas:

  • Hands-on experience with vulnerability scanning, intrusion detection, file integrity monitoring, data loss prevention, and log monitoring solutions.  Familiarity with Nessus, Snort, Tripwire, Symantec DLP, and Splunk is desirable.
  • Ability to explain common TCP/IP protocols and best practices for secure usage.  Demonstrated knowledge of Unix and Windows operating systems.
  • Knowledge of Risk Assessment frameworks such as NIST and COBIT.  Familiarity with Change Management frameworks such as ITIL.
  • Understanding of network security principles, cryptography, role-based access control, application security, and common scripting languages (e.g., Python, PowerShell).
  • Experience with credit card and data privacy regulations such as PCI-DSS and EU Privacy Shield.
  • Experience with software security assessments using tools such as SonarQube and Burp Suite. 
  • Knowledge of secure coding practices and source code review techniques is desirable.

Best Western Hotels & Resorts headquartered in Phoenix, Arizona, is a privately held hotel brand with a global network of 4,100† hotels in more than 100† countries and territories worldwide. Best Western offers 10 hotel brands to suit the needs of developers and guests in every market: Best Western®, Best Western Plus®, Best Western Premier®, Vīb®, GLō®, Executive Residency by Best Western®, and BW Premier Collection®; as well as its recently launched franchise offerings: SureStay®, SureStay Plus® and SureStay Collection®. Now celebrating more than 70 years of hospitality, Best Western provides its hoteliers with global operational, sales and marketing support, and award-winning online and mobile booking capabilities. Best Western continues to set industry records regarding awards and accolades, including 64 percent of the brand’s North American hotels earning a TripAdvisor® Certificate of Excellence award in 2017, Business Travel News® ranking Best Western Plus and Best Western in the top three upper-mid-price and mid-price hotel brands for three years in a row, and Best Western receiving seven consecutive Dynatrace® Best of the Web awards for its leading hotel website. Best Western has also won eight consecutive AAA®/CAA® Lodging Partner of the Year awards, recognizing the brand’s commitment to providing exceptional service and great value to AAA’s 56 million members in the U.S. and Canada. Over 30 million travelers are members of the brand’s award-winning loyalty program Best Western Rewards®, one of the few programs in which members earn points that never expire and can be redeemed at any Best Western hotel worldwide. Best Western’s partnerships with AAA/CAA and Harley-Davidson® provide travelers with exciting ways to interact with the brand. Through its partnership with Google® Street View, Best Western is the first major company of its size and scale to launch a virtual reality experience for customers, setting a new industry standard and reinventing how guests view hotels.