• Ramada Worldwide
  • Parsippany, NJ
  • Non-Executive Management
  • Full-Time
  • 125 Janelle Blvd

Job Summary

The Engineer role for Vulnerability Management and Pen Testing actively protects the availability, confidentiality, and integrity of customer, employee, and business information. This is accomplished by performing two major functions within our team: enterprise-wide vulnerability management and penetration testing. Within these functions, the role will help manage the day-to-day operations of our vulnerability management program by identifying key vulnerable areas within our organization through various tools and procedures, reporting on these vulnerabilities, and providing recommendations around remediation. These functions will contribute to measuring Wyndham's overall risk and help determine any gaps. This position will interact with all levels of technical and business personnel to provide security analysis and recommendations while remaining sensitive to business requirements.

Responsibilities
1. Daily operations of enterprise vulnerability scanning tools and support infrastructure.
2. Support the technical analysis and recommendations for remediation of OS and Network
3. Support regulatory and productivity reporting using detailed data gathering and analysis
4. Conduct formal penetration tests on assets, networks and applications to identify weaknesses and/or vulnerabilities using approved standard methodologies
5. Create written reports detailing assessment findings and recommendations
6. Understand and operate application security vulnerability scanning tools and report on findings

Complexity

Once acclimated to the organization, this role would have decision-making authority around the operations of the team tools and systems, including continuous improvements for operations and efficiencies. This role would also have decision-making authority during the consultation of various teams around vulnerability remediation. It is expected that this role should be able to operate independently within 6 months with day-to-day operations, and within 10-12 months operating in the field for penetration tests. There are no supervisory responsibilities expected for this role.

Financial Responsibility

Every day the information security team works towards securing the information technology of our organization. Within this team, we work tirelessly to ensure that technical security gaps are identified through various automated and manual tests, and we track those findings through remediation. This role will help manage the scope of vulnerabilities detected, those that need further research, and those that are ready to be escalated for remediation. This cycle, paired with proper resources, is critical to managing this type of cybersecurity assessment and to actively protecting the availability, confidentiality, and integrity of customer, employee, and business information.

Education & Experience

  • Experience with vulnerability management solutions such as Rapid7, Tenable, or Qualys
  • Experience and understanding of system vulnerabilities, exploits, POC code.
  • Experience as an offensive penetration tester, including frameworks, procedures, and tools such as Metasploit, Cobalt, etc.
  • Experience with social engineering testing
  • Practical experience with Windows and Linux operating systems
  • Experience in Wireless and Network assessment in enterprise infrastructure
  • Solid understanding of security controls assessment techniques and computer networking
  • Familiar with Amazon Web Services (AWS) infrastructure, computing, and security.
  • Experience with common programming or scripting languages such as Perl, Python, Ruby, Java, PHP, etc.
  • Familiar with offensive TTPs (Tactics, Techniques and Procedures) including post-exploitation and lateral movement
  • Familiar with the fundamentals of web applications including authentication, session management, requests, form submittal, etc.
  • Understanding and ability to exploit Cross Site Scripting, SQL injection, and other common vulnerabilities
  • Excellent report writing skills and oral communication skills.
  • Passionate about new technology and ideas
  • Creative thinker and excellent collaborator.
  • Ability to travel up to 15% for domestic and international on-site penetration tests.
  • Interested in offensive security, cybercrime, incident response
  • B.A. or B.S. from a four year accredited university
  • 3+ years of cyber security experience
  • Experienced penetration tester; GIAC GPEN certification a plus

Company Overview

Wyndham Hotels & Resorts is the largest hotel franchisor in the world and a leading hotel management company. We stand 20 brands strong across 9,000 hotels in more than 80 countries, and we offer the most diverse collection of hotel experiences in the world. Our iconic brands, united by the richest and simplest rewards program in the business, make hotel travel possible for all.

Our hotel owners are the stewards of our brands, and together, we champion everyday travelers. We believe guests deserve great experiences, and our robust portfolio distinguished by our leading economy and midscale brands delivers just that.

We are AmericInn by Wyndham, Baymont by Wyndham, Days Inn by Wyndham, Dazzler by Wyndham, Dolce Hotels and Resorts by Wyndham, Esplendor Boutique Hotels by Wyndham, Hawthorn Suites by Wyndham, Howard Johnson by Wyndham, La Quinta Inns & Suites, Microtel by Wyndham, Ramada Encore by Wyndham, Ramada Worldwide by Wyndham, Super 8 by Wyndham, The Trademark Collection by Wyndham, Travelodge by Wyndham, TRYP by Wyndham, Wingate by Wyndham, Wyndham Garden, Wyndham Grand and Wyndham Hotels and Resorts.
