Senior Network Security Engineer

$96,038 - $209,169/Yr

Marriott International - Springfield, IL

posted 3 months ago

Full-time - Senior
Hybrid - Springfield, IL
Accommodation

About the position

The Senior Network Security Engineer, Network Site Reliability Engineering (SRE) at Marriott International is a pivotal role responsible for designing and implementing the network security strategy and platforms for the company's next-generation operations. This position encompasses all Marriott networks, including Property Networks, Datacenter/Cloud Networks, and Corporate Networks. The engineer will collaborate closely with a matrix team of expert network architects and engineers to promote the adoption of SRE practices and operating models across various network product towers globally. A key focus of this role is to define and execute a zero-trust strategy aimed at preventing unauthorized access to Marriott's network while ensuring compliance with stringent security requirements. Reporting to the Director of SRE, the Senior Network Security Engineer will articulate and execute a vision that addresses the increasing complexity and scale of modern IT systems. This includes ensuring real-time asset visibility, assessment, remediation, and access control to Marriott services. The successful candidate will implement security strategies and next-generation zero-trust solutions to ensure that all system components comply with Marriott's network access and security requirements at a granular level. This role is also accountable for establishing technical relationships and partnerships with various business disciplines, MI teams, solution providers, and operational partners to define and implement the Network SRE zero-trust security roadmap, building and enforcing the standards defined within it.

Responsibilities

  • Develop complex global distributed infrastructure security, management, and automation solutions to manage the global network.
  • Lead design, write, and build tools to improve the security posture, availability, and scalability of Datacenter/Cloud Networks, Property Networks, and Corporate Networks.
  • Serve as technical lead for the development of complex global distributed infrastructure security, management, and automation solutions.
  • Serve as technical lead for the design of new cybersecurity tools to help implement the zero-trust strategy.
  • Collaborate with other Network teams to develop network SRE solutions with a focus on zero trust.
  • Conduct network analysis, configuration management, and develop improvements for security compliance, availability, and reliability.
  • Provide program management assistance and contribute input to help manage project schedules, risks, and costs.
  • Manage Network SRE products and solutions, including the design, low-level engineering, and delivery of new security tools across the network.
  • Define and implement an operational Recovery Time Objective (RTO) and Recovery Point Objective (RPO) strategy for all Network Infrastructure areas.
  • Establish management level relationships and partner with all Business disciplines and other MI teams to define the Network SRE Security roadmap, meet service level requirements, and serve as an escalation point to resolve service delivery and operational issues.
  • Develop, document, and manage the requirements gathering process and provide detailed design and business processes to support the requirements throughout the project life cycle.
  • Drive accountability with strategic sourcing partners, vendors, telco/ISPs, etc., launching and managing Security Improvement initiatives where appropriate.
  • Create functional strategies and specific objectives for the sub-function and contribute to the development of budgets/policies/procedures to support the functional Network SRE security tools, systems, and infrastructure.
  • Perform network troubleshooting and upgrades, coordinating with local teams and vendors to solve problems and restore services as needed.
  • Foster an environment of continuous improvement and structured processes and procedures that support a zero-fault culture.

Requirements

  • Undergraduate degree in an engineering or computer science discipline and/or equivalent experience/certification.
  • 7+ years' experience in information technology, including 6+ years' experience with network security tools related products.
  • Experience in installing, configuring, and troubleshooting zero trust security tools (Forescout NAC, Cisco ISE, Aruba ClearPass or similar).
  • Strong preference for product certifications (Forescout: FSCA or FSAA or FSCE).
  • Expertise in designing and implementing policies in the mentioned tools.
  • Experience with one or more Cloud Computing platforms (e.g., Amazon AWS, Microsoft Azure, Google Compute Engine).
  • Knowledge and experience in wireshark/tcpdump/nmap and related analysis techniques.
  • Experience in developing, documenting, and managing the requirements gathering process and providing detailed design and implementation plans throughout the project life cycle.
  • Field experience and knowledge of foundational data networking and IP technologies (ARP, TCP/IP, UDP, DHCP, DNS, NAT, etc.).
  • Awareness in installing, managing, troubleshooting, and administration of firewall management solutions (Firemon, Palo Alto Panorama, Checkpoint MDS).
  • Understanding of TACACS+, RADIUS.
  • Experience in Agile methodologies, daily stand-up meetings, sprint planning sessions, and user story preparations.
  • Hands-on experience with common routing and switching platforms (Cisco, Juniper, HP/Aruba, etc.).

Nice-to-haves

  • Advanced Degree (e.g., MS, PhD) in Computer Science or other technical discipline or MBA, preferably with a focus on technology.
  • Experience managing network security tools in the hospitality industry.
  • Experience leveraging public APIs for developing automation scripts.
  • Team player with the ability to collaborate and work with cross-functional teams in multiple time zones.
  • Experience researching emerging technologies and trends, standards, and products and synthesizing them into clear technology roadmaps and strategies.
  • Strong knowledge of emerging tools, applications, and systems for attaining best-in-class network security posture across the enterprise.
  • Excellent problem-solving skills working independently and through leading outcomes for cross-functional teams.
  • Excellent understanding of change management, testing requirements, and techniques to ensure high availability and business readiness of platforms.
  • Strong attention to detail with the ability to operate effectively across multiple priorities.
  • Ability to perform independently as a member of a team and through cross-functional initiatives.
  • Proven track record of driving transformation in network technologies, tools, and processes through a data-driven continuous improvement methodology.
  • Demonstrated experience in improving reliability, performance, and agility of complex enterprise networks.
  • Strong understanding of network infrastructure automation, instrumentation, and monitoring platforms and the emerging technologies in this area.
  • Strong influencing skills and an ability to overcome barriers while driving change.
  • Excellent verbal and written communication skills for a wide range of audiences including executives, business stakeholders, and IT teams.

Benefits

  • Medical, dental, and vision coverage.
  • Health care flexible spending account.
  • Dependent care flexible spending account.
  • Life insurance.
  • Disability insurance.
  • Accident insurance.
  • Adoption expense reimbursements.
  • Paid parental leave.
  • Educational assistance.
  • 401(k) plan.
  • Stock purchase plan.
  • Discounts at Marriott properties.
  • Commuter benefits.
  • Employee assistance plan.
  • Childcare discounts.

Tools

Career Hubs

Guides

Company

© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service