Security Engineer - Endpoint and Data Security

Job description

Marriott International is the world's largest hotel company, with more brands, more hotels and more opportunities for associates to grow and succeed. We believe a great career is a journey of discovery and exploration. So, we ask, where will your journey take you?

Desired profile

Qualifications :

JOB SUMMARY

The Security Engineer, Endpoint and Data Security is responsible for the governance and oversight of design, deployment, and configuration of the Marriott International endpoint security solutions. Provide next-generation security for enterprise SaaS applications such as Box, Dropbox, GitHub, Google Apps, Slack, Salesforce and many more. Enables the organization to store, transmit and process sensitive data in these applications while preventing security threats.


CANDIDATE PROFILE


Education and Experience

Required:
·  Bachelor's degree in Computer Sciences or related field or equivalent experience/certification
·  5+ years of information technology experience, with 3+ years of experience in information security
·  3+ years' experience implementing, managing or governing security technologies, including encryption, network security, intrusion detection

Preferred:
·  Current information security certification, including Certified Information Security Manager (CISM), or Certified Information Systems Security Professional (CISSP)
·  Subject matter expert in operational security for multi-tenant SaaS solutions
·  2+ years' experience with Public Cloud
·  Familiarity with security frameworks CSA, NIST, CIS, PCI DSS, etc.
·  Demonstrated experiences identifying and assessing cloud security vulnerabilities and risks
·  Expertise in researching & evaluating identified vulnerabilities and risks to the organization's information and systems
·  Technical leadership experience in a sourced environment.
·  Demonstrated previous responsibility for operational security for development, test, and production environments for SaaS solutions.
·  Project management skills
·  Technical infrastructure operations, administration, or engineering background

CORE WORK ACTIVITIES

Data Security
·  Support the remediation of identified risks, endorse preventative solutions gather requirements, and influence stakeholders to reduce risk and maintain security alignment to corporate and or industry requirements.
·  Create and implement an operational security program to ensure the security of production SaaS solutions.
·  Partner with IT and Risk Management partners to develop and implement a comprehensive set of cyber-security policies and procedures governing hosted and SaaS environments.
·  Collaborate with Professional Services and Customer Support to create comprehensive guidelines and best practices for deployment of SaaS solutions.
·  Develop and maintain an effective cyber-security incident management process related to the SaaS environments.
·  Identify, select, deploy, and maintain appropriate monitoring and configuration management tools to provide proactive monitoring and management of the security posture of production environments.
·  Identify, select, deploy, and maintain authentication, authorization, and auditing solutions for production operations.
·  Stay current on cloud security policies, standards, regulations making recommendations for the company
·  Act as an advocate of information security policies, standards, controls and as an enabler to the business while managing risk appropriately
·  Track and report on the status of cloud security risks to corporate/industry requirements.
·  Apply security-level knowledge of cloud environments, to continuously monitor solutions to understand and provide direct guidance for security remediation activities.
·  Partner with enterprise teams to establish preventative controls to support security needs via automation.
·  Play a key role in implementation & delivery of a formalized information security awareness offerings related to SaaS, Public Cloud environments. Maintain strong awareness of cloud security incidents in the external community to identify threats and opportunities for enhancement. Apply those learnings to Cloud Security program and associated solutions.

Marriott International is an equal opportunity employer committed to hiring a diverse workforce and sustaining an inclusive culture. Marriott International does not discriminate on the basis of disability, veteran status or any other basis protected under federal, state or local laws.