Senior Network Security Engineer - Firemon

$96,038 - $179,270/Yr

Marriott International - Boston, MA

posted 2 months ago

Full-time - Senior
Hybrid - Boston, MA
Accommodation

About the position

The Senior Network Security Engineer, Network Site Reliability Engineering (SRE) is a pivotal role at Marriott International, responsible for designing and implementing the network security strategy and platforms for the company's next-generation operations. This includes overseeing the security of Property Networks, Datacenter/Cloud Networks, and Corporate Networks. The engineer will collaborate closely with a matrix team of expert network architects and engineers to promote the adoption of SRE practices and operating models across all network product towers globally. A key focus of this role is to define and execute a zero-trust strategy, particularly in managing firewall systems that comply with stringent security requirements. Reporting directly to the Director of SRE, the engineer will articulate and execute a vision that addresses the complexities and scale of modern IT systems, ensuring real-time asset visibility, assessment, remediation, and access control to Marriott services. The successful candidate will bridge the gap by implementing security strategies and next-gen zero trust solutions, ensuring that all system components meet Marriott's security compliance requirements at a granular level. This role is accountable for establishing technical relationships and partnerships with various business disciplines, MI teams, solution providers, and operational partners to define and implement the Network SRE zero trust security roadmap, building and enforcing the standards defined within it. The position requires a proactive approach to developing complex global distributed infrastructure security, management, and automation solutions to enhance the security posture, availability, and scalability of Marriott's networks. In addition to technical expertise, the Senior Network Security Engineer will lead the design and development of new cybersecurity tools to support the zero trust strategy, conduct network analysis, and manage project schedules, risks, and costs. The role also involves fostering a culture of continuous improvement and structured processes that support a zero-fault culture, ensuring that the network infrastructure is resilient and secure against emerging threats.

Responsibilities

  • Develop complex global distributed infrastructure security, management, and automation solutions to manage our global network.
  • Lead design, write, and build tools to improve the security posture, availability, and scalability of Datacenter/Cloud Networks, Property Networks, and Corporate Networks.
  • Serve as technical lead for the development of complex global distributed infrastructure security, management, and automation solutions to manage our global network.
  • Serve as technical lead for the design of new cybersecurity tools to help implement the zero trust strategy.
  • Collaborate with other Network teams to develop network SRE solutions with a focus on zero trust.
  • Conduct network analysis, configuration management, and develop improvements for security compliance, availability, and reliability.
  • Provide program management assistance and contribute input to help manage project schedules, risks, and costs.
  • Manage Network SRE products and solutions, including the design, low-level engineering, and delivery of new security tools across the network.
  • Define and implement an operational Recovery Time Objective (RTO) and Recovery Point Objective (RPO) strategy for all Network Infrastructure areas.
  • Establish management level relationships and partner with all Business disciplines and other MI teams to define the Network SRE Security roadmap, meet service level requirements, and serve as an escalation point to resolve service delivery and operational issues.
  • Develop, document, and manage the requirements gathering process and provide detailed design and business processes to support the requirements throughout the project life cycle.
  • Drive accountability with strategic sourcing partners, vendors, telco/ISPs, etc., launching and managing Security Improvement initiatives where appropriate.
  • Create functional strategies and specific objectives for the sub-function and contribute to the development of budgets/policies/procedures to support the functional Network SRE security tools, systems, and infrastructure.
  • Perform network troubleshooting and upgrades. Coordinate with local teams and vendors, solve problems and restore services as needed.
  • Foster an environment of continuous improvement and structured processes and procedures that support a zero-fault culture.

Requirements

  • Undergraduate degree in an engineering or computer science discipline and/or equivalent experience/certification.
  • 7+ years' experience in information technology including 6+ years' experience with network security tools related products.
  • Experience in installing, configuring, and troubleshooting of zero trust security tools (Cisco ISE or other network admission tools).
  • Experience in installing, configuring, and troubleshooting of Security tools (Firewall management solution like Firemon, Cisco ISE, Tufin, AlgoSec or similar products).
  • Strong preference to have product certifications (CCIE, CCNP, CCNA).
  • Must possess expertise in designing and implementing policies in the tool(s) mentioned above.
  • Knowledge and experience in firewalls, network management, wired and wireless network peripherals in supporting security products like Firemon, Cisco IS, Tufin, AlgoSec or similar products.
  • Experience with one or more Cloud Computing platforms (e.g. Amazon AWS, Microsoft Azure, Google Compute Engine).
  • Knowledge and experience in wireshark/tcpdump/nmap and related analysis techniques.
  • Experience in developing, documenting, and managing the requirements gathering process and provide detailed design and implementation plan to support the requirements throughout the project life cycle.
  • Field experience and knowledge of foundational data networking and IP technologies including (ARP, TCP/IP, UDP, RADIUS, TACACS+ and others).
  • Experience in Agile methodologies, daily stand-up meetings, sprint planning sessions, and user story preparations.
  • Hands-on experience with common routing and switching platforms (Cisco, Juniper, HP/Aruba etc.).

Nice-to-haves

  • Advanced Degree (e.g., MS, PhD) in Computer Science or other technical discipline or MBA, preferably with a focus on technology.
  • Experience with managing network security tools in the hospitality industry a plus.
  • Experience in leveraging public APIs for developing automation scripts.
  • Team player with the ability to collaborate and work with cross-functional teams in multiple time zones.
  • Experience in researching emerging technologies and trends, standards, and products and synthesizing into clear technology roadmaps and strategies.
  • Strong knowledge of emerging tools, applications, and systems for attaining best-in-class network security posture across the enterprise.
  • Excellent problem-solving skills working independently and through leading outcomes for cross-functional teams.
  • Excellent understanding of change management, testing requirements and techniques, to ensure high availability and business readiness of platforms.
  • Strong attention to detail with an ability to operate effectively across multiple priorities.
  • Ability to perform independently as a member of a team and through cross-functional initiatives.
  • Proven track record of driving transformation in network technologies, tools, and processes through a data-driven continuous improvement methodology.
  • Demonstrated experience in improving reliability, performance, and agility of complex enterprise networks.
  • Strong understanding of network infrastructure automation, instrumentation, and monitoring platforms and the emerging technologies in this area.
  • Strong influencing skills and an ability to overcome barriers while driving change.
  • Excellent verbal and written communication skills for a wide range of audiences including executives, business stakeholders, and IT teams.

Benefits

  • Medical insurance
  • Dental insurance
  • Vision insurance
  • Health care flexible spending account
  • Dependent care flexible spending account
  • Life insurance
  • Disability insurance
  • Accident insurance
  • Adoption expense reimbursements
  • Paid parental leave
  • Educational assistance
  • 401(k) plan
  • Stock purchase plan
  • Discounts at Marriott properties
  • Commuter benefits
  • Employee assistance plan
  • Childcare discounts

Tools

Career Hubs

Guides

Company

© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service