US
0 suggestions are available, use up and down arrow to navigate them
What job do you want?

Associate Architect - Global Information Security job in Dover at Marriott

Create Job Alert.

Get similar jobs sent to your email

List of Jobs

Apply to this job.
Think you're the perfect candidate?
Associate Architect - Global Information Security at Marriott

Associate Architect - Global Information Security

Marriott Dover, DE (On Site) Full-Time
**Job Number** 23005027

**Job Category** Information Technology

**Location** Marriott International HQ, 7750 Wisconsin Avenue, Bethesda, Maryland, United States

**Schedule** Full-Time

**Located Remotely?** Y

**Relocation?** N

**Position Type** Management

**JOB SUMMARY**

Contributes to and maintains security strategies, requirements, and standards for applications and platforms. Provides in depth Technical Security guidance as the Security Subject Matter Experts (SME) for various technologies and project areas. Ensures company security policies, standards and industry standards are communicated to program teams during the Software Development Life Cycle (SDLC) process. Able to identify gaps and work with project teams to improve security while retaining time to market, functionality and scalability. Reviews and approves Security Accreditation tasks during each of phase of SDLC. Serves as point of escalation for security issues and risks that may arise. Has a broad knowledge in areas of Security such as Cloud Computing, Application, IAM, Cryptography, Infrastructure, and Risk.

**CANDIDATE PROFILE**

**Education and Experience**

**Required:**

+ **Bachelor's or master's degree in computer science, information systems, cybersecurity or a related field or equivalent experience/certification.**

+ **7+ years overall Information Technology experience with:**

+ **5+ years of Information Security experience in security engineering with experience in three or more of the following areas**

+ **Conducting security reviews and identifying risks and gaps**

+ **Performing security accreditations**

+ **Developing security architectures and strategies**

+ **Developing Enterprise security patterns**

+ **Working with development teams and vendor teams for implementing compensating controls**

+ **Experience in reviewing and developing Security Architectures and identifying security risks/gaps as well as mitigation strategies**

+ **The security architect should have 3+ years combined experience in five or more of the following areas:**

+ **Full-stack knowledge of IT infrastructure:**

+ **Applications**

+ **Databases**

+ **Operating systems - Windows, Unix, and Linux**

+ **IP networks - WAN and LAN**

+ **Backup networks and media**

+ **Containers/Kubernetes and microservices**

+ **Cryptography and current cryptographic standards, including PKI**

+ **Direct, hands-on experience or a strong working knowledge of vulnerability management tools**

+ **Working knowledge of the OWASP Top 10**

**Preferred:**

+ **Strong working knowledge of IT service management (e.g., ITIL-related disciplines):**

+ **Change management**

+ **Configuration management**

+ **Asset management**

+ **Incident management**

+ **Problem management**

+ Ability to provide Security Requirements for areas including but not limited to; Cloud Computing, Application Development, IAM, Cryptography, and Infrastructure design and standards

+ Ability to understand large complex integrated solutions and provide the security needed between systems

+ **Experience in developing Enterprise Security Strategies.**

+ **Documented experience and a strong working knowledge of the methodologies to conduct threat-modeling exercises on new applications and services**

+ **Experience designing the deployment of applications and infrastructure into internal, hybrid, and public cloud services**

+ **Ability to conduct independent research**

+ **Strong abilities and experience in documentation and written communication for diverse audiences**

+ **Experience working with diverse and distributed global teams.**

+ Current information security certification(s), such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), ISC2 Certified Cloud Security Professional (CCSP), GIAC certifications, ITIL

+ Knowledge of Industry Standards such as NIST Cybersecurity Framework (CSF), PCI-DSS, COBIT, CSA, MITRE ATT&CK & CAPAC, STRIDE, NIST 800-53, CIS Benchmarks, etc.

+ Knowledge of securing technologies such as, but not limited to; SaaS services (i.e., O365, Salesforce), Application Design, Container Platforms (ie. Docker, Kubernetes), APIs, Serverless, Network Infrastructure, Operating Systems, Identity and Access Management

+ Knowledge of SDLC (Waterfall/Agile), DevSecOps, and good understanding of the ITIL Framework

+ Knowledge of SAFe Agile Methodologies

+ Strong negotiating, influencing and problem resolution skills

+ Ability to effectively prioritize and execute tasks in a high-pressure environment

+ Ability to assess customer/client needs, creatively approach solutions, decide and influence appropriate courses of action

**CORE WORK ACTIVITIES**

+ Contributes to, evaluates, and supports the documentation, and validation processes necessary to assure that associates, information technology systems and business processes meet the organization's information assurance, security, and privacy requirements. Ensures appropriate treatment of risk, compliance, and assurance of internal policies and external regulations.

+ Defines strategy and roadmap, provides guidance, creates standards and guidelines, and reviews architectural designs. Ensures standards and guidelines incorporate legal and regulatory requirements.

+ Conducts security and privacy technology research, assessments, and integration processes; provides and supports a prototype capability and/or evaluates its utility

+ Consults with customers to gather and evaluate functional requirements and provides security and privacy requirements, guidelines, and standards

+ Provides sound advice and recommendations to leadership and staff on a variety of relevant topics within the pertinent subject domain

+ Applies knowledge of priorities to define an entity's direction and identify programs or infrastructure that are required to achieve desired goals within domain of interest. Develops policy or advocates for changes in policy that will support new initiatives or required changes/enhancements

+ Works with the Security Architect Analysts to monitor ongoing project activities, intake of new projects and monitoring of the Security Engagement Process including but not limited to: Data Classification, Security Controls, Threat Models, Architecture Review Boards, Authority to Operate

**Managing Projects and Priorities**

+ Functions as a strategic senior technical expert within the department.

+ Develops specific goals and plans to prioritize, organize, and accomplish work.

+ Champions leaders' vision for product and service delivery.

+ Makes and executes the necessary decisions to keep moving forward toward achievement of goals.

+ Provides direction and assistance to other teams regarding projects.

+ Determines priorities, schedules, plans and necessary resources to promote completion of any projects on schedule.

+ Analyzes information and evaluates results to choose the best solution and solve problems.

+ _Reviews vendor proposals and selects appropriate vendor for services/technologies/hardware._

+ Thinks creatively and practically to develop, execute and implement new project plans.

+ Generates and provides accurate and timely results in the form of reports, presentations, etc.

+ Plans, develops, implements, and evaluates the quality of operations.

**Delivering on the Needs of Key Stakeholders**

+ Understands and meets the needs of key stakeholders.

+ Communicates concepts in a clear and persuasive manner that is easy to understand.

+ Demonstrates an understanding of business priorities.

+ Supports achievement of performance goals, budget goals, team goals, etc.

**Providing Technical Support and Consultation**

+ Provides technical expertise and technical leadership within own and other teams.

+ Provides recommendations to improve the effectiveness of processes and programs.

+ Demonstrates advanced knowledge of job-relevant issues, products, systems, and processes.

+ Demonstrates advanced knowledge of function-specific procedures.

+ Applies knowledge/judgment to achieve business goals.

+ Foresees, identifies and resolves problems.

+ Keeps up-to-date technically and applies new knowledge to job.

+ Performs other reasonable duties as required for this position.

_Marriott International is an equal opportunity employer. We believe in hiring a diverse workforce and sustaining an inclusive, people-first culture. We are committed to non-discrimination on any protected basis, such as disability and veteran status, or any other basis covered under applicable law. Marriott International considers for employment qualified applicants with criminal histories consistent with applicable federal, state and local law._

Marriott International is the world's largest hotel company, with more brands, more hotels and more opportunities for associates to grow and succeed. We believe a great career is a journey of discovery and exploration. So, we ask, where will your journey take you?

Recommended Skills

  • Api
  • Agile Methodology
  • Application Design
  • Architecture
  • Assessments
  • Business Priorities
Apply to this job.
Think you're the perfect candidate?

Help us improve CareerBuilder by providing feedback about this job:

Job ID: 2418612216

CareerBuilder TIP

For your privacy and protection, when applying to a job online, never give your social security number to a prospective employer, provide credit card or bank account information, or perform any sort of monetary transaction. Learn more.

By applying to a job using CareerBuilder you are agreeing to comply with and be subject to the CareerBuilder Terms and Conditions for use of our website. To use our website, you must agree with the Terms and Conditions and both meet and comply with their provisions.