Senior Manager, Information Security - Risk and Compliance

12 Jul 2024
South Carolina, Columbia, 29201 Columbia USA

Vacancy expired!

Job Number 24121520

Job Category Information Technology

Location Marriott International HQ, 7750 Wisconsin Avenue, Bethesda, Maryland, United States

Schedule Full-Time

Located Remotely? Y

Relocation? N

Position Type Management

JOB SUMMARY

Responsible for managing security compliance, including network compliance, endpoint compliance and exceptions processing. Reviews endpoints for compliance with Marriott’s endpoint security technology policies, tracking areas of non-compliance and working with stakeholders to bring those areas back to compliance. Responsible for reviewing, approving and tracking any policy exceptions and for working closely with the Risk Management team to ensure alignment of Enterprise Risk. The position manages and improves the IT Security Compliance inventory/lifecycle within our environment including inventory and monitoring of all asset assessment and data analysis, reporting and findings remediation.

CANDIDATE PROFILE

Education and Experience

Required:

Bachelor’s degree in computer sciences or related field or equivalent experience/certification

7+ years of general information technology experience with at least 3+ years’ experience implementing, managing and/or governing endpoint security technologies, like encryption, Anti-Virus, Endpoint-Detection & Response (EDR), Application Control technologies, network access control (NAC), network security, and host-based intrusion detection systems.

Preferred:

Working knowledge of IT Endpoint management tools like: Active Directory, BigFix, Tanium, CrowdStrike, Deep Security, McAfee, Bitlocker, ServiceNOW, Tenable, Vault, Privilege Manager, Application Control, Intune, Forescout NAC, Cisco, Palo Alto, F5, Juniper, NetMRI, Firemon, Netskope, Delinea

Current information security certification, including Certified Information Security Manager (CISM), Certified Information Security Auditor (CISA), Certified Information Systems Security Professional (CISSP), Cisco Certified Networking Associate (CCNA), Certified Network Defender (CND), Security+, or Certified Third Party Risk Professional (CTPRP)

Extensive experience and expertise in security policy creation and endpoint lifecycle management to EOL and EOSL, auditing methodology, and technology risk assessments for Windows, Linux, AWS and Azure endpoints as well as ESXi, firewalls, switches and routers

Experience with reporting dashboards and metrics tracking for Endpoint compliance within large global enterprises

Technical leadership experience in an Information Technology Outsourced (ITO) environment and with Local Service Providers (LSPs)

Project management skills and abilities to lead and drive IT Security Compliance Projects.

Excellent communication/reporting skills and problem-solving ability related to IT Security Compliance.

Technical infrastructure operations, network administration, or engineering background and familiarity with ACLs, VLAN and SD-WAN concepts

Knowledge of IT Protocols such as ARP, TCP/IP, WMI, SNMP, SMB, SSL, TLS, SMTP, SOAP, Web Services, or Kerberos.

Oversees, plans and conducts security policy compliance, risk assessment, exception evaluation, and processing for applications, infrastructure, data, and third-party vendor solutions.

CORE WORK ACTIVITIES

Security Risk & Compliance

Consistently monitors compliance to applicable security policies and standards and reports related risk issues

Executes technical risk assessments, advises business and IT leaders on risk of initiatives/tools

Defines and executes Third Party / Vendor Security Risk Assessment programs

Oversees and evaluates documentation and validation processes to ensure the organization meets Security assurance and privacy requirements.

Assigns appropriate level of risk and drives compliance to Endpoint Security internal policies and external regulations.

Manages and administers processes and tools that identify, document, and retain intellectual capital and information content.

Conducts assessments on threats and vulnerabilities, determines deviations and level of risk. Follows up assessments with questions, gap identification, and testing on assessed risk.

Performs analysis on results and determines risk threshold.

Delivers recommendations advising leadership and vendors on present risk and whether additional remediation or action is required.

Develops, recommends, and operationalizes appropriate mitigation countermeasures. Advocates for any resulting needed policy changes.

Creates and drives development of process and policy documentation.

Maintaining Goals

Submits reports in a timely manner, ensuring delivery deadlines are met.

Promotes the documenting of project progress accurately.

Provides input and assistance to other teams regarding projects.

Managing Work, Projects, and Policies

Manages and implements work and projects as assigned.

Generates and provides accurate and timely results in the form of reports, presentations, etc.

Analyzes information and evaluates results to choose the best solution and solve problems.

Provides timely, accurate, and detailed status reports as requested.

Demonstrating and Applying Discipline Knowledge

Provides technical expertise and support to persons inside and outside of the department.

Demonstrates knowledge of job-relevant issues, products, systems, and processes.

Demonstrates knowledge of function-specific procedures.

Keeps up-to-date technically and applies new knowledge to job.

Uses computers and computer systems (including hardware and software) to enter data and/or process information.

Delivering on the Needs of Key Stakeholders

Understands and meets the needs of key stakeholders.

Develops specific goals and plans to prioritize, organize, and accomplish work.

Determines priorities, schedules, plans and necessary resources to ensure completion of any projects on schedule.

Collaborates with internal partners and stakeholders to support business/initiative strategies

Communicates concepts in a clear and persuasive manner that is easy to understand.

Generates and provides accurate and timely results in the form of reports, presentations, etc.

Demonstrates an understanding of business priorities

Additional Responsibilities

Provides information to supervisors and co-workers by phone, e-mail, or in person in a timely manner.

Demonstrates self-confidence, energy and enthusiasm.

Informs and/or updates leaders on relevant information in a timely manner.

Manages time effectively and conducts activities in an organized manner.

Presents ideas, expectations and information in a concise, organized manner.

Uses problem solving methodology for decision making and follow up.

Performs other reasonable duties as assigned by manager.

California Applicants Only: The salary range for this position is $96,038 to $209,169 annually.

Colorado Applicants Only: The salary range for this position is $96,038 to $190,154 annually.

Hawaii Applicants Only: The salary range for this position is $116,205 to $209,169 annually.

New York Applicants Only: The salary range for this position is $96,038 to $209,169 annually.

Washington, D.C. Applicants Only: The salary range for this position is $105,641 to $190,154 annually.

Washington Applicants Only: The salary range for this position is $96,038 to $209,169 annually.

In addition to the annual salary, the position will be eligible to receive an annual bonus. Employees will accrue 0.04616 PTO balance for every hour worked and are eligible to receive a minimum of 7 holidays annually.

All locations offer coverage for medical, dental, vision, health care flexible spending account, dependent care flexible spending account, life insurance, disability insurance, accident insurance, adoption expense reimbursements, paid parental leave, educational assistance, 401(k) plan, stock purchase plan, discounts at Marriott properties, commuter benefits, employee assistance plan, and childcare discounts. Benefits are subject to terms and conditions, which may include rules regarding eligibility, enrollment, waiting period, contribution, benefit limits, election changes, benefit exclusions, and others.

Marriott HQ is committed to a hybrid work environment that enables associates to Be connected. Headquarters-based positions are considered hybrid, for candidates within a commuting distance to Bethesda, MD; candidates outside of commuting distance to Bethesda, MD will be considered for Remote positions.

The application deadline for this position is 28 days after the date of this posting, July 11, 2024.

Marriott International is an equal opportunity employer. We believe in hiring a diverse workforce and sustaining an inclusive, people-first culture. We are committed to non-discrimination on any protected basis, such as disability and veteran status, or any other basis covered under applicable law.

Marriott International is the world’s largest hotel company, with more brands, more hotels and more opportunities for associates to grow and succeed. Be where you can do your best work, begin your purpose, belong to an amazing global team, and become the best version of you.
