1. Home
  2. Director, Security Architect, Certification and Accreditation, GC

Offers “Marriott”

Expires soon
Marriott

Director, Security Architect, Certification and Accreditation, GC

  • Shanghai, CHINA
Apply Now

Job description

Job Number 24035378
Job Category Information Technology
Location Shanghai Operations, 9/F Tower B One ITC, Shanghai, Shanghai, China VIEW ON MAP
Schedule Full-Time
Located Remotely? N
Relocation? N
Position Type Management

JOB SUMMARY

 

Lead and manage security architecture and engineering team in Great China. Performs certification of Security Control attestations and evaluates the implementation of those controls in order to grant Approval to Operate for a release of new infrastructure, services, applications and processes into Marriott’s Production Environments in regional level. 

Leverages existing Security Engagement processes and documentation, in conjunction with security compliance tools, to determine control implementation status. Will routinely process ITSM Release and Security Engagement Tasks to document justification for all approvals. Will routinely collaborate with multiple teams, including, but not limited to, Business Release Sponsors, Project Managers, Security Architects, Security Architecture Analysts, and Change Management teams to ensure the Security Processes are followed and completed in order to accredit the engagement or release. 

Will routinely manage and communicate the status of the tasks assigned in ITSM to thoroughly document the accreditation resulting in granting of Approval to Operate. Understand, communicate, interpret and enforce MI Policies and Security Standards throughout the Certification and Accreditation process.  Understand and communicate control objectives in terms of both MI Policy and Standards and Security Best Practice Frameworks, including, but not limited to, NIST RMF, NIST CSF, PCI DSS, GDPR, MPLS, EU Privacy, ISO, as referenced in Marriott’s Common Controls Framework.  Will periodically provide status and metrics for the assigned C&A Engagements in order to provide visibility and transparency to GIS Senior Leadership

 

CANDIDATE PROFILE

Education and Experience

Required:

·  Bachelor’s degree in Information Systems, Computer Science or related field or equivalent experience/certification
·  8+ years’ experience in Information Security with:
·  3+ years in process-oriented Security Audit/Assurance/Technical Assessment role 
·  2+ years’ team management experience with security technical team members
·  1-2 years’ experience/exposure to Common Controls Framework
·  Exposure/functional understanding of NIST RMF
·  Current and relevant information security certifications such as: CISSP (Certified Information Systems Security Professional), (ISC)2 CGRC certification, ISACA, PCI QSA/ISA, ITIL, IS Certification & Accreditation Professional - ISCAP, GIAC Information Security Professional (GISP), 

Make every future a success.
  • Job directory
  • Business directory
    •