Senior Engineer

Our Loews Hotels & Co Home Office remote teams provide support to all our properties throughout the United States and Canada. Our talented teams provide guidance over strategic planning, operations, revenue management, communications, marketing, finance, human resources, and information technology.

Who We Are: Loews Hotels & Co is a leading owner and operator of luxury hotels with a portfolio consisting of 25 hotels and resorts in the United States and Canada. Located in major city centers and resort destinations from coast to coast, the Loews portfolio features one-of-a-kind properties that go beyond Four Diamond standards and embrace their “uniquely local” community to curate exciting, approachable and local travel experiences for guests.

What We Offer:

• This is a bonus eligible position
• Competitive health & wellness benefits, 401(K) & company match
• Paid Sick Days, Vacation, and Holidays, Paid Bereavement, Paid Pet Bereavement
• Training & Development opportunities, career growth
• Tuition Reimbursement
• Employee Hotel Rates Discounts, other discounts, perks and more

What We’re Looking For: A motivated security professional eager to contribute to the improvement of Loews Hotels’ security posture. An individual with a strong security background, committed to continuous learning and the implementation of innovative solutions. Ready to collaborate closely with other members of the Security Operations and IT Service teams to deploy robust security measures across the enterprise. Serve as a significant contributor to the development, implementation, and maintenance of endpoint security solutions that safeguard against cyber threats and vulnerabilities.

Who You Are:

• A highly motivated and results driven self-starter
• An IT security enthusiast who is passionate about technology and problem solving
• A service-oriented team player who works well in a dynamic, fast paced environment
• An excellent communicator with an ability to adapt to the communication style of others
• A continuous learner that stays abreast of industry knowledge and technology

What You’ll Do:

• Provide subject matter expertise on endpoint security technologies including the design, configuration, integration and deployment of enterprise security software and infrastructure.
• Enhance and maintain endpoint security platforms and processes including Anti-Virus, Anti Malware, Encryption, System Hardening, EDR, MDM, Web Content Management, DNS Security, Identity Solutions SIEM and Patch Management.
• Perform threat analysis, monitor security events for signs of security breaches and triage any suspicious behavior.
• Assist with the health, performance, stabilization and tuning of all endpoint infrastructure.
• Work with senior leadership on the research and analysis of emerging technologies that enhance security capabilities and support current and future business objectives. Participate and contribute on enterprise technology evaluations and roadmap discussions with third party vendors.
• Evaluate existing endpoint security solutions and participate in the design of strategies to enhance protection against emerging threats.
• Assess existing security technologies to establish opportunities for improved endpoint protection controls.
• Ensure security solutions, policies and procedures are sufficient to meet and respond to threats to our data and endpoint infrastructure. Recommend and provide technical support processes, metrics, and SLAs.
• Maintain and enforce endpoint security policies and standards in alignment with corporate Governance, Security-Risk and Audit policies, procedures, industry regulation, best practices, and security frameworks (e.g., ISO 27001, NIST, CIS).
• Create and Deliver reports pertaining to endpoint security and compliance.
• Support and document the implementation of approved endpoint security software and infrastructure components.
• Oversee projects from inception to closure ensuring completion according to business requirements and stakeholder standards.
• Ensure compliance with corporate Governance, Security-Risk and Audit policies, procedures, and best practices.
• Perform continuous mentorship and development of junior staff members. Be a point of contact for escalation and engagement.
• Develop technical documentation, policies, and procedures for endpoint security application use and support. Communicate technical standards to Information Technology teams and junior team members.
• Regular attendance in conformance with standards; attend required meetings and trainings.
• May be required to work varying schedules to reflect business needs.
• Demonstrate a proactive approach towards work activities.
• Manage multiple projects to timely, successful completion.
• Perform other duties as assigned.

Your Experience Includes:

• 4 Year college/university degree or technical degree or applicable industry certifications and relevant experience required
• 5+ years of experience in Information Security in an enterprise environment
• 2+ years of experience as a technical project lead and primary support role
• Extensive hands-on experience and expertise in endpoint security technologies and solutions to include:
  • Endpoint encryption
  • Threat hunting and remediation
  • Exploit mitigation
  • Vulnerability assessment, management, and monitoring tools
  • Anti-virus/malware telemetry
  • Configuration and operation of Windows/MAC/Linux operating systems
  • Triaging of security events from SIEM and other security appliances
  • Identity and cyber security software-based tools, audits and compliance
  • Incident response, documentation, and reporting
  • Mobile device management, Cloud, security, and investigations
  • Network protocols – IP, DHCP, DNS
  • Microsoft Active Directory, Azure Active Directory and associated components
  • Web Content Management
  • Patch Management
• Strong knowledge of host and networked based attack methodologies
• Solid understanding of various governance frameworks such as ITIL and NIST
• Expertise in endpoint security best practices
• Knowledge of network and firewall infrastructure
• Preferred experience and certifications:
  • Knowledge of Security Technologies from Ivanti, Mobile Iron, Sentinel One, LogRhythm, Sophos, Cisco Umbrella and CyberArk
  • Experience in retail, travel, restaurants, or hospitality
  • Experience in compliance with PCI and SOX
  • Microsoft Security Certifications
• Must be able to safely lift and carry computer equipment (computers, monitors, servers, switches, firewalls, etc.)
• Excellent analytical and problem-solving skills, with the ability to troubleshoot complex security issues
• Effective communication and interpersonal skills, with the ability to collaborate across teams
• Ability and willingness to work a flexible schedule to include weekends and holidays
• Must be willing to travel domestically or abroad up to 20% of the time