Senior Network Security Engineer - Firemon

Marriott International - Bismarck, ND

posted 2 months ago

Full-time - Senior
Bismarck, ND
Accommodation

About the position

The Senior Network Security Engineer, Network Site Reliability Engineering (SRE) at Marriott International is a pivotal role responsible for designing and implementing the network security strategy and platforms for all Marriott networks, including Property Networks, Datacenter/Cloud Networks, and Corporate Networks. This position requires a subject matter expert who will work collaboratively with a matrix team of network architects and engineers to drive the adoption of SRE practices and operating models globally. The engineer will focus on defining and executing a zero-trust strategy, particularly in managing firewall systems that meet strict security compliance requirements. Reporting to the Director of SRE, the successful candidate will articulate and execute a vision to address the increasing complexity and scale of modern IT systems, ensuring real-time asset visibility, assessment, remediation, and access control to Marriott services. In this role, the engineer will bridge the gap by implementing security strategies and next-gen zero trust solutions, ensuring that all system components comply with Marriott's security requirements at a granular level. The position is accountable for establishing technical relationships and partnerships with various business disciplines, MI teams, solution providers, and operational partners to define and implement the Network SRE zero trust security roadmap, building and enforcing the standards defined within it. The role demands a proactive approach to developing complex global distributed infrastructure security, management, and automation solutions to enhance the security posture, availability, and scalability of Marriott's networks. The Senior Network Security Engineer will also lead the design and development of new cybersecurity tools to support the zero trust strategy, conduct network analysis, and configuration management to improve security compliance, availability, and reliability. Additionally, the engineer will manage Network SRE products and solutions, define operational Recovery Time Objectives (RTO) and Recovery Point Objectives (RPO), and foster an environment of continuous improvement and structured processes that support a zero-fault culture.

Responsibilities

  • Develop complex global distributed infrastructure security, management, and automation solutions to manage our global network.
  • Lead design, write, and build tools to improve the security posture, availability, and scalability of Datacenter/Cloud Networks, Property Networks, and Corporate Networks.
  • Serve as technical lead for the development of complex global distributed infrastructure security, management, and automation solutions to manage our global network.
  • Serve as technical lead for the design of new cybersecurity tools to help implement the zero trust strategy.
  • Collaborate with other Network teams to develop network SRE solutions with a focus on zero trust.
  • Conduct network analysis, configuration management, and develop improvements for security compliance, availability, and reliability.
  • Provide program management assistance and contribute input to help manage project schedules, risks, and costs.
  • Manage Network SRE products and solutions, including the design, low-level engineering, and delivery of new security tools across the network.
  • Define and implement an operational Recovery Time Objective (RTO) and Recovery Point Objective (RPO) strategy for all Network Infrastructure areas.
  • Establish management level relationships and partner with all Business disciplines and other MI teams to define the Network SRE Security roadmap, meet service level requirements, and serve as an escalation point to resolve service delivery and operational issues.
  • Develop, document, and manage the requirements gathering process and provide detailed design and business processes to support the requirements throughout the project life cycle.
  • Drive accountability with strategic sourcing partners, vendors, telco/ISPs, etc., launching and managing Security Improvement initiatives where appropriate.
  • Create functional strategies and specific objectives for the sub-function and contribute to the development of budgets/policies/procedures to support the functional Network SRE security tools, systems, and infrastructure.
  • Perform network troubleshooting and upgrades. Coordinate with local teams and vendors, solve problems, and restore services as needed.
  • Foster an environment of continuous improvement and structured processes and procedures that support a zero-fault culture.

Requirements

  • Undergraduate degree in an engineering or computer science discipline and/or equivalent experience/certification.
  • 7+ years' experience in information technology including 6+ years' experience with network security tools related products.
  • Experience in installing, configuring, and troubleshooting zero trust security tools (Cisco ISE or other network admission tools).
  • Experience in installing, configuring, and troubleshooting security tools (Firewall management solutions like Firemon, Cisco ISE, Tufin, AlgoSec, or similar products).
  • Strong preference for product certifications (CCIE, CCNP, CCNA).
  • Expertise in designing and implementing policies in the mentioned tools.
  • Knowledge and experience in firewalls, network management, wired and wireless network peripherals supporting security products like Firemon, Cisco ISE, Tufin, AlgoSec, or similar products.
  • Experience with one or more Cloud Computing platforms (e.g., Amazon AWS, Microsoft Azure, Google Compute Engine).
  • Knowledge and experience in wireshark/tcpdump/nmap and related analysis techniques.
  • Experience in developing, documenting, and managing the requirements gathering process and providing detailed design and implementation plans to support the requirements throughout the project life cycle.
  • Field experience and knowledge of foundational data networking and IP technologies including ARP, TCP/IP, UDP, RADIUS, TACACS+, and others.
  • Experience in Agile methodologies, daily stand-up meetings, sprint planning sessions, and user story preparations.
  • Hands-on experience with common routing and switching platforms (Cisco, Juniper, HP/Aruba, etc.).

Nice-to-haves

  • Advanced Degree (e.g., MS, PhD) in Computer Science or other technical discipline or MBA, preferably with a focus on technology.
  • Experience with managing network security tools in the hospitality industry is a plus.
  • Experience in leveraging public APIs for developing automation scripts.
  • Team player with the ability to collaborate and work with cross-functional teams in multiple time zones.
  • Experience in researching emerging technologies and trends, standards, and products and synthesizing them into clear technology roadmaps and strategies.
  • Strong knowledge of emerging tools, applications, and systems for attaining best-in-class network security posture across the enterprise.
  • Excellent problem-solving skills working independently and through leading outcomes for cross-functional teams.
  • Excellent understanding of change management, testing requirements, and techniques to ensure high availability and business readiness of platforms.
  • Strong attention to detail with an ability to operate effectively across multiple priorities.
  • Ability to perform independently as a member of a team and through cross-functional initiatives.
  • Proven track record of driving transformation in network technologies, tools, and processes through a data-driven continuous improvement methodology.
  • Demonstrated experience in improving reliability, performance, and agility of complex enterprise networks.
  • Strong understanding of network infrastructure automation, instrumentation, and monitoring platforms and the emerging technologies in this area.
  • Strong influencing skills and an ability to overcome barriers while driving change.
  • Excellent verbal and written communication skills for a wide range of audiences including executives, business stakeholders, and IT teams.

Benefits

  • Health insurance coverage
  • Dental insurance coverage
  • Vision insurance coverage
  • 401k benefit for retirement savings plan
  • 401(k) matching benefit
  • Paid holidays
  • Flexible scheduling options
  • Professional development opportunities
  • Tuition reimbursement
  • Employee discount programs

Tools

Career Hubs

Guides

Company

© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service