**_*Relocation Assistance Provided_** **SYSTEM JOB** **TITLE:** **CYBER SECURITY ANALYST II** Generic Position Summary As a member of the professional staff, contributes general knowledge and skill in a discipline area (e.g. Accounting, Finance, Human Resources, Information Resources, Operations Planning & Support, Sales & Marketing) to support team and/or department objectives. Generally, works under limited supervision, but within established guidelines, producing and analyzing more complex business information to assist in the decision-making process. Specific Job Summary As a Cyber Security Analyst II, this role is responsible for supporting incident response activities leveraging expertise to monitor and analyze security events, investigate incidents, and provide advanced threat detection and response. Collaborating closely with other SOC analysts and security team members to triage and escalate security incidents as necessary, ensuring timely resolution and minimizing impact. Responsibilities include fine-tuning detection mechanisms, developing playbooks, and conducting thorough forensic analysis to identify root causes and mitigate future risks. Additionally, this role contributes to continuous improvement initiatives by providing insights and recommendations based on findings. A proactive approach and technical proficiency are crucial in safeguarding company systems and data against evolving cyber threats. Generic Expected Contributions + Responds to, solves and makes decisions on more complex/non-routine business requests with limited to moderate risk. + Assists more senior associates in achieving business results by: + identifying opportunities to enhance the effectiveness of business processes. + participating in setting department operating plans. + achieving results against budget within scope of responsibility. + Demonstrates an awareness of personal strengths and areas for improvement and acts independently to improve and increase skills and knowledge. Specific Expected Contributions + Monitors security tools for alerts and follow defined processes to remediate. + Resolves security incident tickets according to established service level agreements. + Evaluates and improves existing detection rules for continuous improvement. + Works with security incident response team to investigate potential security breaches. + Maintains process documentation such as Standard Operating Procedures. + Works with security incident response team to investigate potential security breaches. + Provides feedback to other security teams on potential security enhancements based on detected events. + Proactively searches IT systems for novel and hard-to-detect attacks and hacking techniques based on Senior Threat Intelligence Analyst findings. + Provides technical and analytical support of technologies that support network and system security monitoring at an enterprise level. + Communicates with system owners, custodians, and IT contacts to pursue security testing activities, including obtaining access to systems, digital artifact collection, and containment and/or remediation actions. + Assists in analyzing findings and document results and produce reports. + Performs other similar duties as assigned. Generic Candidate Profile Successful candidates should possess knowledge, experience and demonstrate leadership skills as follows: Generally, a professional position with specific knowledge in a discipline (e.g., Accounting, Human Resources, Information Resources). College degree and/or relevant experience typically required. Specific Candidate Profile **Education** + Bachelor’s degree in information technologyorrelateddiscipline orequivalent work experience. **Certifications** **Preferred** + Splunk Core Certified User + Splunk Certified Cybersecurity Defense Analyst + Certified Cyber Threat Hunter (CCTH) + GIAC Certified Intrusion Analyst (GCIA) + Certified Ethical Hacker (CEH) **Experience** + 3-5 years of experience in cyber security field. + At least one year in a Threat Intelligence or Threat Hunter role. **Skills/Attributes** + Analytical and Strategic Thinking + Exceptional analytical skills to interpret complex data and identify sophisticated threats. + Technical + Basic understanding of cyber threat hunting. + Basic understanding of open-source intelligence (OSINT), industry reports, and internal data. + Demonstrated understanding of the threat intelligence life cycle, network threats, attacks, attack vectors and methods of exploitation with an understanding of intrusion set tactics, techniques and procedures (TTPs). + Experience with one or more of the following tools: Email/Phishing, DLP, IDS/IPS and/or, WAF. + Knowledgeable in security incident response process, network forensics and host-based forensics. + Good Knowledge of EDR tools such as CrowdStrike Falcon, Carbon Black, or similar. + SIEM Platforms: In-depth experience with platforms like Splunk, QRadar, or Sentinel. + Experience in creating logging standards that align with various compliance and best practice requirements to include (but not limited to) Sarbanes Oxley, PCI, and the MitreAtt&ck framework. + Forensic Tools: Basic understanding of forensic tools such as EnCase, FTK, or SIFT Workstation. + Interpersonal Skills + Communication: Proven verbal and written communication skills to convey technical concepts to non-technical stakeholders in easy-to-understand ways. + Collaboration: Proven ability to collaborate within the Global Technology organization at all levels, vendors, and Managed Service providers to architect solutions and oversee successful project implementations. + Additional Attributes + Ability to multi-task, problem solve and meet deadlines. + Willingness to work outside of regular business hours as required which can include evenings, weekends, and holidays. Marriott Vacations Worldwide is an equal opportunity employer committed to hiring a diverse workforce and sustaining an inclusive culture. Marriott Vacations Worldwide is an equal opportunity employer committed to hiring a diverse workforce and sustaining an inclusive culture