Information Security Analyst

TravelClick provides innovative solutions for hotels around the globe that increase revenue, reduce cost, and improve performance. Our suite of solutions supports our clients with travel marketing and reservations management tools, as well as comprehensive business intelligence. TravelClick has a worldwide on-the-ground presence that enables us to maintain a deep understanding of local markets in the context of the global hospitality industry.

The Information Security Analyst is a key technical resource within the organization on all matters relating to cyber security. The role is responsible for guiding the IT organization with security technology, standards and consulting in the secure deployment and maintenance of information assets.

* React to evolving threat conditions and advise technology teams on risk and threat remediation. * Work closely with development teams to implement and maintain a robust Security Development Lifecycle * Conduct information security application reviews for medium to high risk projects at a key project gates * Perform regular network and application vulnerability assessments and penetration testing * Respond to information security incidents with expertise to quickly contain and eradicate the threat * Conduct forensic investigations maintaining chain of custody as appropriate * Stay current on common and emerging attack vectors as well as the best tools and practices for thwarting them * Ensure all controls required for regulatory compliance are in place and working as expected * Ensure the Confidentiality, Integrity, and Availability of TravelClick systems and networks.

* 3+ years of experience implementing network, systems, and application security * 3+ years of experience in Security Engineering, Security Risk Analysis, Policy, and Procedures * Technical knowledge in security engineering, secure application development lifecycle processes, authentication and security protocols, and cryptography * Experience analyzing and correlating information contained within network, event, and security logs * Strong understanding of IP addressing, TCP/IP ports and services, UDP, different levels of the OSI model, and exposure to common server operating systems * Strong understanding of Linux and Windows operating systems, especially as related to web hosting/SaaS environments * Knowledge and experience of advanced network and security platforms and tools: * Network analysis (e.g. NetFlow, Wireshark), FIM (e.g. Tripwire, OSSEC), Vulnerability analysis (e.g. Nmap, Nessus), SIEM, IDS/IPS, two factor authentication, and DLP * Knowledge and experience in virus, malware, ransomware, and rootkit prevention, identification, and cleanup * Familiarity with web application platforms such as Apache, Tomcat, JBoss, etc * Familiarity with web application languages such as Java, ColdFusion, PHP, etc **Education:** * Bachelor’s in Engineering, Computer Science, Information Technology or Mathematics required