Senior Network Security Engineer

Marriott International - Providence, RI

posted 2 months ago

Full-time - Senior
Providence, RI
Accommodation

About the position

The Senior Network Security Engineer, Network Site Reliability Engineering (SRE) at Marriott International is a pivotal role responsible for designing and implementing the network security strategy and platforms for the company's next-generation operations. This position encompasses all Marriott networks, including Property Networks, Datacenter/Cloud Networks, and Corporate Networks. The engineer will collaborate closely with a matrix team of expert network architects and engineers to promote the adoption of SRE practices and operating models globally. A key focus of this role is to define and execute a zero-trust strategy aimed at preventing unauthorized access to Marriott's network while ensuring compliance with stringent security requirements. Reporting to the Director of SRE, the Senior Network Security Engineer will articulate and execute a vision that addresses the increasing complexity and scale of modern IT systems. This includes ensuring real-time asset visibility, assessment, remediation, and access control to Marriott services. The successful candidate will implement security strategies and next-gen zero trust solutions to ensure that all system components comply with Marriott's network access and security requirements at a granular level. This role also involves establishing technical relationships and partnerships with various business disciplines, MI teams, solution providers, and operational partners to define and implement the Network SRE zero trust security roadmap, while building and enforcing the standards defined within it.

Responsibilities

  • Develop complex global distributed infrastructure security, management, and automation solutions to manage the global network.
  • Lead design, write, and build tools to improve the security posture, availability, and scalability of Datacenter/Cloud Networks, Property Networks, and Corporate Networks.
  • Serve as technical lead for the development of complex global distributed infrastructure security, management, and automation solutions.
  • Serve as technical lead for the design of new cybersecurity tools to help implement the zero trust strategy.
  • Collaborate with other Network teams to develop network SRE solutions with a focus on zero trust.
  • Conduct network analysis, configuration management, and develop improvements for security compliance, availability, and reliability.
  • Provide program management assistance and contribute input to help manage project schedules, risks, and costs.
  • Manage Network SRE products and solutions, including the design, low-level engineering, and delivery of new security tools across the network.
  • Define and implement an operational Recovery Time Objective (RTO) and Recovery Point Objective (RPO) strategy for all Network Infrastructure areas.
  • Establish management level relationships and partner with all business disciplines and MI teams to define the Network SRE Security roadmap and meet service level requirements.
  • Develop, document, and manage the requirements gathering process and provide detailed design and business processes to support the requirements throughout the project life cycle.
  • Drive accountability with strategic sourcing partners, vendors, and telco/ISPs, launching and managing Security Improvement initiatives where appropriate.
  • Create functional strategies and specific objectives for the sub-function and contribute to the development of budgets, policies, and procedures to support the functional Network SRE security tools, systems, and infrastructure.
  • Perform network troubleshooting and upgrades, coordinating with local teams and vendors to solve problems and restore services as needed.
  • Foster an environment of continuous improvement and structured processes that support a zero-fault culture.

Requirements

  • Undergraduate degree in an engineering or computer science discipline and/or equivalent experience/certification.
  • 7+ years' experience in information technology, including 6+ years' experience with network security tools related products.
  • Experience in installing, configuring, and troubleshooting zero trust security tools (e.g., Cisco ISE).
  • Thorough understanding of TACACS+ and RADIUS protocols.
  • Strong preference for product certifications (CCIE, CCNP, CCNA).
  • Expertise in designing and implementing policies in security tools.
  • Experience with one or more Cloud Computing platforms (e.g., Amazon AWS, Microsoft Azure, Google Compute Engine).
  • Knowledge and experience in Wireshark, tcpdump, nmap, and related analysis techniques.
  • Experience in developing, documenting, and managing the requirements gathering process.
  • Field experience and knowledge of foundational data networking and IP technologies (ARP, TCP/IP, UDP, DHCP, DNS, NAT).
  • Awareness in installing, managing, troubleshooting, and administration of firewall management solutions (Firemon, Palo Alto Panorama, Checkpoint MDS, Aruba ClearPass).
  • Experience in Agile methodologies, including daily stand-up meetings and sprint planning sessions.
  • Hands-on experience with common routing and switching platforms (Cisco, Juniper, HP/Aruba).

Nice-to-haves

  • Advanced Degree (e.g., MS, PhD) in Computer Science or other technical discipline or MBA, preferably with a focus on technology.
  • Experience managing network security tools in the hospitality industry.
  • Experience leveraging public APIs for developing automation scripts.
  • Team player with the ability to collaborate with cross-functional teams in multiple time zones.
  • Experience researching emerging technologies and trends, standards, and products.
  • Strong knowledge of emerging tools, applications, and systems for attaining best-in-class network security posture.
  • Excellent problem-solving skills and ability to work independently and lead outcomes for cross-functional teams.
  • Strong understanding of change management and testing requirements to ensure high availability and business readiness of platforms.
  • Strong attention to detail with the ability to operate effectively across multiple priorities.
  • Proven track record of driving transformation in network technologies, tools, and processes through data-driven continuous improvement methodology.
  • Demonstrated experience in improving reliability, performance, and agility of complex enterprise networks.
  • Strong understanding of network infrastructure automation, instrumentation, and monitoring platforms.
  • Strong influencing skills and ability to overcome barriers while driving change.
  • Excellent verbal and written communication skills for a wide range of audiences.

Benefits

  • Health insurance coverage
  • Dental insurance coverage
  • Vision insurance coverage
  • 401k benefit for retirement savings plan
  • Paid holidays
  • Flexible scheduling
  • Professional development opportunities
  • Employee discount programs
  • Tuition reimbursement
  • Mental health days
  • Wellness programs

Tools

Career Hubs

Guides

Company

© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service