Senior Network Security Engineer

$54,000 - $90,000/Yr

Marriott International - Bismarck, ND

posted 3 months ago

Full-time - Senior
Bismarck, ND
Accommodation

About the position

The Senior Network Security Engineer, Network Site Reliability Engineering (SRE) at Marriott International is a pivotal role responsible for designing and implementing the network security strategy and platforms for Marriott's diverse operations. This includes overseeing the security of Property Networks, Datacenter/Cloud Networks, and Corporate Networks. The engineer will collaborate closely with a team of expert network architects and engineers to promote the adoption of SRE practices and operating models across all network product towers globally. A key focus of this role is to define and execute a zero-trust strategy aimed at preventing unauthorized access to Marriott's network while ensuring compliance with stringent security requirements. In this position, the engineer will articulate and execute a vision that addresses the increasing complexity and scale of modern IT systems. This includes ensuring real-time asset visibility, assessment, remediation, and access control to Marriott services. The successful candidate will implement security strategies and next-gen zero trust solutions to ensure that all system components comply with Marriott's network access and security requirements at a granular level. The role requires establishing technical relationships and partnerships with various business disciplines, MI teams, solution providers, and operational partners to define and implement the Network SRE zero trust security roadmap, building and enforcing the standards defined within it. The Senior Network Security Engineer will report to the Director of SRE and will be accountable for leading the development of complex global distributed infrastructure security, management, and automation solutions. This includes managing Network SRE products and solutions, defining operational strategies, and fostering a culture of continuous improvement and structured processes that support a zero-fault environment. The role also involves conducting network analysis, configuration management, and developing improvements for security compliance, availability, and reliability.

Responsibilities

  • Develop complex global distributed infrastructure security, management, and automation solutions to manage the global network.
  • Lead design, write, and build tools to improve the security posture, availability, and scalability of Datacenter/Cloud Networks, Property Networks, and Corporate Networks.
  • Serve as technical lead for the development of complex global distributed infrastructure security, management, and automation solutions.
  • Serve as technical lead for the design of new cybersecurity tools to help implement the zero trust strategy.
  • Collaborate with other Network teams to develop network SRE solutions with a focus on zero trust.
  • Conduct network analysis, configuration management, and develop improvements for security compliance, availability, and reliability.
  • Provide program management assistance and contribute input to help manage project schedules, risks, and costs.
  • Manage Network SRE products and solutions, including the design, low-level engineering, and delivery of new security tools across the network.
  • Define and implement an operational Recovery Time Objective (RTO) and Recovery Point Objective (RPO) strategy for all Network Infrastructure areas.
  • Establish management level relationships and partner with all business disciplines and MI teams to define the Network SRE Security roadmap.
  • Develop, document, and manage the requirements gathering process and provide detailed design and business processes to support the requirements throughout the project life cycle.
  • Drive accountability with strategic sourcing partners, vendors, telco/ISPs, etc., launching and managing Security Improvement initiatives where appropriate.
  • Create functional strategies and specific objectives for the sub-function and contribute to the development of budgets/policies/procedures to support the functional Network SRE security tools, systems, and infrastructure.
  • Perform network troubleshooting and upgrades, coordinating with local teams and vendors to solve problems and restore services as needed.
  • Foster an environment of continuous improvement and structured processes and procedures that support a zero-fault culture.

Requirements

  • Undergraduate degree in an engineering or computer science discipline and/or equivalent experience/certification.
  • 7+ years' experience in information technology, including 6+ years' experience with network security tools related products.
  • Experience in installing, configuring, and troubleshooting zero trust security tools (Forescout NAC, Cisco ISE, Aruba ClearPass or similar).
  • Strong preference for product certifications (Forescout: FSCA or FSAA or FSCE).
  • Expertise in designing and implementing policies in the mentioned tools.
  • Experience with one or more Cloud Computing platforms (e.g., Amazon AWS, Microsoft Azure, Google Compute Engine).
  • Knowledge and experience in wireshark/tcpdump/nmap and related analysis techniques.
  • Experience in developing, documenting, and managing the requirements gathering process and providing detailed design and implementation plans.
  • Field experience and knowledge of foundational data networking and IP technologies (ARP, TCP/IP, UDP, DHCP, DNS, NAT, etc.).
  • Awareness in installing, managing, troubleshooting, and administration of firewall management solutions (Firemon, Palo Alto Panorama, Checkpoint MDS).
  • Understanding of TACACS+, RADIUS.
  • Experience in Agile methodologies, daily stand-up meetings, sprint planning sessions, and user story preparations.
  • Hands-on experience with common routing and switching platforms (Cisco, Juniper, HP/Aruba, etc.).

Nice-to-haves

  • Advanced Degree (e.g., MS, PhD) in Computer Science or other technical discipline or MBA, preferably with a focus on technology.
  • Experience managing network security tools in the hospitality industry.
  • Experience leveraging public APIs for developing automation scripts.
  • Team player with the ability to collaborate and work with cross-functional teams in multiple time zones.
  • Experience researching emerging technologies and trends, standards, and products and synthesizing them into clear technology roadmaps and strategies.
  • Strong knowledge of emerging tools, applications, and systems for attaining best-in-class network security posture across the enterprise.
  • Excellent problem-solving skills working independently and through leading outcomes for cross-functional teams.
  • Excellent understanding of change management, testing requirements, and techniques to ensure high availability and business readiness of platforms.
  • Strong attention to detail with the ability to operate effectively across multiple priorities.
  • Ability to perform independently as a member of a team and through cross-functional initiatives.
  • Proven track record of driving transformation in network technologies, tools, and processes through a data-driven continuous improvement methodology.
  • Demonstrated experience in improving reliability, performance, and agility of complex enterprise networks.
  • Strong understanding of network infrastructure automation, instrumentation, and monitoring platforms and the emerging technologies in this area.
  • Strong influencing skills and an ability to overcome barriers while driving change.
  • Excellent verbal and written communication skills for a wide range of audiences including executives, business stakeholders, and IT teams.

Benefits

  • Health insurance
  • Dental insurance
  • Vision insurance
  • 401k retirement plan
  • Paid time off
  • Flexible scheduling
  • Professional development opportunities
  • Employee discounts
  • Relocation assistance

Tools

Career Hubs

Guides

Company

© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service