Job Number 24136488Job Category Information TechnologyLocation Marriott International HQ, 7750 Wisconsin Avenue, Bethesda, Maryland, United StatesSchedule Full-TimeLocated Remotely? YRelocation? NPosition Type ManagementJOB SUMMARY:The Marriott Enterprise Vulnerability Management group oversees attack surface reduction across a wide range of corporate, cloud, data center, and property locations. Our team members are passionate about protecting our data, systems, and service delivery functions across the globe against a broad range of adversaries. This role is responsible for the strategy, maintenance, and execution of Vulnerability Management solutions for the global enterprise. This role leads a team of security professionals to deploy, maintain, and operate enterprise vulnerability management assessment and reporting solutions. To participates in the selection, implementation and optimization of vulnerability management solutions for the Enterprise. The role guides, reviews and documents internal systems review activities. This role requires an in-depth technical knowledge of security engineering and vulnerability management solutions. It also requires an understanding of the lifecycle of cyberspace threats, attack vectors, and methods of exploitation, especially as they relate to global environment. It requires participating in designing, building, and maintaining integrations between various internal and SaaS applications. Maintaining operational and technical documentation related to the operational lifecycle of supported solutions is required, as is identifying improvements to ensure the inclusion of appropriate quality of delivery and compliance with security policy and regulations.CANDIDATE PROFILERequired Education and Experience
Bachelor’s degree in computer science or related field or equivalent experience/certification
8+ years of information technology leadership experience
5+ years’ direct management of cross functional, sourced, or matrixed teams
4+ years’ experience implementing, managing and governing enterprise grade vulnerability management technologies, including:
Vulnerability assessment solutions, inlcudingTenable.io
Vulnerability reporting solutions, preferably Cisco Vulnerability Management (Kenna Security)
External Attack Surface Management solutions
4+ years’ experience delivering positive business outcomes managing a blend of multi-vendor information security solutions
Preferred Experience:
Current information security certification, including Certified Information Security Manager (CISM), Certified Information Systems Security Professional (CISSP), or GIAC Security Leadership (GSLC).
Ability to communicate security concepts and needs to wide range of audiences, (including both technical and non-technical stakeholders
Experience directing and managing a remote team
Experience evaluating, selecting, and deploying SaaS and on-premise solutions.
Experience operating in environments simultaneously using cloud services from multiple cloud vendors.
Experience working with large data sets to develop performance and reliability measurements and reporting.
Working knowledge of IT security within an enterprise environment
Knowledge of automation development, code development using the Python programming language, and SOAR solutions.
Strong negotiating, influencing and problem resolution skills
Proven ability to effectively prioritize and execute tasks in a high-pressure environment
Experience in business systems and process planning
Experience with workflow solutions, including ServiceNow and Jira
Experience in agile workflow methodologies
Ability to translate information security objectives into mutually beneficial business strategies
Demonstrated ability to assess company needs, creatively approach solutions, and decide or influence appropriate courses of action
CORE WORK ACTIVITIESVulnerability Management
Collaborates with all technology teams to develop set of mature standards and best practices for delivering solutions that support discovery and remediation of vulnerabilities.
Provides technical leadership to the information vulnerability management process, including supporting remediation programs.
Develops and continuously improves metrics/KPIs for the vulnerability solutions program and reports them to senior leadership.
Works proactively with IT Infrastructure partners to maintain solutions that support strategic and tactical plans for vulnerability remediation.
Collaborates with other security teams in support of Global Information Security efforts (incident response team, threat management team, risk management team, security engineering, etc.).
Provides technical leadership, oversight, standardization, and validation of the effectiveness of solutions support efforts.
Participates in the evaluation and selection of security services products.
Ensures proper alignment to projects and major initiatives.
Provides analysis of the current environment to detect critical deficiencies and recommends solutions for improvement.
Stays abreast of technology industry and market trends to determine their potential impact on the enterprise.
Promotes the benefits of security solutions to the organization
Managing Work, Projects, and Policies
Coordinates and implements work and projects as assigned.
Generates and provides accurate and timely results in the form of reports, presentations, etc.
Analyzes information and evaluates results to choose the best solution and solve problems.
Develops specific goals and plans to prioritize, organize, and accomplish work.
Sets and tracks goal progress for self and others.
Monitors the work of others to ensure it is completed on time and meets expectations.
Provides direction and assistance to other organizational units’ policies and procedures, and efficient control and utilization of resources.
Leading Team
Creates a team environment that encourages accountability, high standards, and innovation.
Leads specific team while assisting with meeting or exceeding department goals.
Makes sure others understand performance expectations.
Ensures that goals are being translated to the team as they relate to tracking and productivity.
Creates and nurtures an environment that emphasizes motivation, empowerment, teamwork, continuous improvement and a passion for providing service.
Understands employee and develops plans to address need areas and expand on the strengths.
Provides the team with the capabilities needed to meet or exceed expectations.
Leads by example demonstrating self-confidence, energy and enthusiasm.
Conducting Human Resources Activities
Acts proactively when dealing with employee concerns.
Extends professionalism and courtesy to employees at all times.
Communicates/updates all goals and results with employees.
Meets semiannually with staff on a one-to-one basis.
Establishes and maintains open, collaborative relationships with employees.
Solicits employee feedback.
Interviews job candidates and assists in making hiring decisions.
Receives hiring recommendations from team supervisors.
Ensures orientations for new team members are thorough and completed in a timely fashion.
Observes behaviors of employees and provides feedback to individuals.
Additional Responsibilities
Provides information to supervisors, co-workers, and subordinates by telephone, in written form, e-mail, or in person in a timely manner.
Manages group or interpersonal conflict.
Informs and/or updates executives, peers, and subordinates on relevant information in a timely manner.
Manages time effectively and conducts activities in an organized manner.
Presents ideas, expectations and information in a concise, organized manner.
Uses problem solving methodology for decision making and follow up.
Performs other reasonable duties as assigned by manager
The salary range for this position is $113,850 to $216,315 annually. In addition to the annual salary, the position will be eligible to receive an annual bonus and restricted stock units/stock grants.Washington Applicants Only: Employees will accrue 0.04616 PTO balance for every hour worked and eligible to receive minimum of 7 holidays annually.All locations offer coverage for medical, dental, vision, health care flexible spending account, dependent care flexible spending account, life insurance, disability insurance, accident insurance, adoption expense reimbursements, paid parental leave, educational assistance, 401(k) plan, stock purchase plan, discounts at Marriott properties, commuter benefits, employee assistance plan, and childcare discounts. Benefits are subject to terms and conditions, which may include rules regarding eligibility, enrollment, waiting period, contribution, benefit limits, election changes, benefit exclusions, and others.Marriott HQ is committed to a hybrid work environment that enables associates to Be connected. Headquarters-based positions are considered hybrid, for candidates within a commuting distance to Bethesda, MD; candidates outside of commuting distance to Bethesda, MD will be considered for Remote positions.The application deadline for this position is 28 days after the date of this posting, August 9, 2024.Marriott International is an equal opportunity employer. We believe in hiring a diverse workforce and sustaining an inclusive, people-first culture. We are committed to non-discrimination on any protected basis, such as disability and veteran status, or any other basis covered under applicable law.Marriott International is the world’s largest hotel company, with more brands, more hotels and more opportunities for associates to grow and succeed. Be where you can do your best work, begin your purpose, belong to an amazing global team, and become the best version of you.