Marriott International - Boise, ID

posted 7 months ago

Full-time - Manager
Hybrid - Boise, ID
Accommodation

About the position

The position is responsible for managing security compliance across various domains, including network compliance, endpoint compliance, and exceptions processing. The individual will review endpoints to ensure they comply with Marriott's endpoint security technology policies, tracking areas of non-compliance and collaborating with stakeholders to rectify these issues. Additionally, the role involves reviewing, approving, and tracking policy exceptions while working closely with the Risk Management team to ensure alignment with Enterprise Risk. The position also entails managing and improving the IT Security Compliance inventory and lifecycle, which includes monitoring all asset assessments, data analysis, reporting, and remediation of findings. In this role, the candidate will consistently monitor compliance with applicable security policies and standards, reporting any related risk issues. They will execute technical risk assessments and advise business and IT leaders on the risks associated with various initiatives and tools. The individual will oversee and evaluate documentation and validation processes to ensure that the organization meets security assurance and privacy requirements. They will also manage processes and tools that identify, document, and retain intellectual capital and information content, conducting assessments on threats and vulnerabilities to determine deviations and levels of risk. The candidate will be expected to deliver recommendations to leadership and vendors regarding present risks and whether additional remediation or action is required. They will create and drive the development of process and policy documentation, ensuring that reports are submitted in a timely manner and that project progress is documented accurately. The role requires managing and implementing assigned work and projects, generating accurate and timely results in the form of reports and presentations, and collaborating with internal partners to support business strategies. The position is designed for a candidate who can demonstrate technical expertise, effective communication skills, and a strong understanding of job-relevant issues, products, systems, and processes.

Responsibilities

  • Manage security compliance including network and endpoint compliance.
  • Review endpoints for compliance with security policies and track non-compliance areas.
  • Work with stakeholders to bring non-compliant areas back to compliance.
  • Review, approve, and track policy exceptions in collaboration with the Risk Management team.
  • Manage and improve the IT Security Compliance inventory and lifecycle.
  • Monitor asset assessments and conduct data analysis, reporting, and remediation of findings.
  • Consistently monitor compliance with security policies and report risk issues.
  • Execute technical risk assessments and advise on risks of initiatives/tools.
  • Define and execute Third Party/Vendor Security Risk Assessment programs.
  • Oversee documentation and validation processes to meet security assurance and privacy requirements.
  • Conduct assessments on threats and vulnerabilities and determine risk levels.
  • Deliver recommendations to leadership and vendors regarding risks and remediation actions.
  • Create and drive development of process and policy documentation.
  • Submit reports in a timely manner and document project progress accurately.
  • Manage and implement assigned work and projects, providing timely status reports.
  • Provide technical expertise and support to internal and external stakeholders.

Requirements

  • Bachelor's degree in computer sciences or related field or equivalent experience/certification.
  • 7+ years of general information technology experience.
  • At least 3+ years' experience implementing, managing, and/or governing endpoint security technologies.
  • Working knowledge of IT Endpoint management tools such as Active Directory, BigFix, Tanium, CrowdStrike, etc.
  • Current information security certification (CISM, CISA, CISSP, etc.).
  • Extensive experience in security policy creation and endpoint lifecycle management.
  • Experience with reporting dashboards and metrics tracking for Endpoint compliance.
  • Technical leadership experience in an Information Technology Outsourced (ITO) environment.
  • Project management skills and abilities to lead IT Security Compliance Projects.
  • Excellent communication/reporting skills and problem-solving ability related to IT Security Compliance.

Nice-to-haves

  • Knowledge of IT Protocols such as ARP, TCP/IP, WMI, SNMP, etc.
  • Familiarity with ACLs, VLAN, and SD-WAN concepts.

Benefits

  • Medical, dental, and vision coverage.
  • Health care flexible spending account.
  • Dependent care flexible spending account.
  • Life insurance and disability insurance.
  • Accident insurance and adoption expense reimbursements.
  • Paid parental leave and educational assistance.
  • 401(k) plan and stock purchase plan.
  • Discounts at Marriott properties.
  • Commuter benefits and employee assistance plan.
  • Childcare discounts.
Job Description Matching

Match and compare your resume to any job description

Start Matching
© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service