Job Number 20025066
Job Category Information Technology
Location Marriott International HQ| 10400 Fernwood Road| Bethesda|
Maryland| United States
Position Type Management
Start Your Journey With Us
Marriott International is the world’s largest hotel company| with more brands|
more hotels and more opportunities for associates to grow and succeed. We
believe a great career is a journey of discovery and exploration. So| we ask|
where will your journey take you?
The position is responsible for the design| deployment| and configuration of
the data security in Cloud IaaS| PaaS and SaaS environments. Enable the
organization to store| transmit and process sensitive data in these
environments| while implementing and monitoring compliance with data
governance policies| data security procedures| data privacy procedures.
Education and Experience
Bachelor’s degree in Computer Sciences or related field or equivalent experience/certification
5+ years of information technology experience| with 3+ years of experience in information security
3+ years’ experience implementing| managing or governing security technologies| including encryption| access control| network security| intrusion detection
2+ years’ experience in in data security for multi-tenant Cloud IaaS| PaaS and SaaS environments.
Current information security certification| including Certified Information Security Manager (CISM)| or Certified Information Systems Security Professional (CISSP)
2+ years’ experience with Public Cloud environments
Familiarity with security frameworks CSA| NIST| CIS| PCI DSS| etc.
Demonstrated experiences identifying and assessing cloud security vulnerabilities and risks
Expertise in researching & evaluating identified vulnerabilities and risks to the organization|s information and systems
Technical leadership experience in a sourced environment.
Demonstrated previous responsibility for operational security for development| test| and production environments for Cloud IaaS| PaaS and SaaS environments.
Project management skills
Technical infrastructure operations| administration| or engineering background
CORE WORK ACTIVITIES
Support the remediation of identified risks| endorse preventative solutions gather requirements| and influence stakeholders to reduce risk and maintain security alignment to corporate and or industry requirements.
Create and implement an operational security program to ensure the security of data in Cloud IaaS| PaaS and SaaS.
Partner with IT and Risk Management partners to develop and implement a comprehensive set of cyber-security policies and procedures governing Cloud IaaS| PaaS and SaaS environments.
Collaborate with Professional Services and Customer Support to create comprehensive guidelines and best practices for deployment of data security in Cloud environments.
Develop and maintain an effective cyber-security incident management process related to the data in Cloud environments.
Identify| select| deploy| and maintain appropriate monitoring and configuration management tools to provide proactive monitoring and management of the security posture of production environments.
Identify| select| deploy| and maintain authentication| authorization| and auditing solutions for production operations.
Stay current on cloud security policies| standards| regulations making recommendations for the company
Act as an advocate of information security policies| standards| controls and as an enabler to the business while managing risk appropriately
Track and report on the status of cloud data security risks to corporate/industry requirements.
Apply security-level knowledge of cloud environments| to continuously monitor solutions to understand and provide direct guidance for security remediation activities.
Partner with enterprise teams to establish preventative controls to support security needs via automation.
Play a key role in implementation & delivery of a formalized information security awareness offerings related to Public Cloud environments. Maintain strong awareness of cloud security incidents in the external community to identify threats and opportunities for enhancement. Apply those learnings to Cloud Security program and associated solutions