Senior Security Engineer - Cloud Security

$96,038 - $209,169/Yr

Marriott International - Columbus, OH

posted 4 months ago

Full-time - Manager
Hybrid - Columbus, OH
Accommodation

About the position

This position will be part of the Cloud Security Engineering Team within the Global Information Security organization at Marriott International. The security engineer will be responsible for designing and building security capabilities in a multi-cloud environment, as well as building automation for cloud security controls to enhance the cloud security posture. This role is crucial as it serves as a key engineering and supporting resource for the cloud security engineering program, ensuring that security measures are effectively integrated into cloud operations. The security engineer will provide Cloud Security Governance and Optimization services to technical teams, advising on security best practices and guiding the development and infrastructure teams in adopting and enforcing security and access policies that align with the business's security needs. This includes conducting vulnerability assessments of cloud assets, delivering remediation recommendations, and providing knowledgeable assistance in resolving identified vulnerabilities. In addition, the engineer will improve the accessibility of security through automation and continuous integration pipelines, which involves detecting and fixing vulnerabilities and identifying potential attacks. The role also requires participation in the overall architecture and governance model, providing technical oversight, standardization, and validation of the effectiveness of security systems. The engineer will engage in researching, designing, and implementing security components that are standards-based, high-performing, and secure, while educating internal and external users on security technologies to enhance the organization's knowledge and skill base. The position demands a proactive approach to analyzing the current environment to detect critical deficiencies and recommend solutions for improvement, as well as consulting with project and architecture teams to modify infrastructure and security services as necessary. Documentation of all architecture design and analysis work is also a key responsibility, ensuring that all processes are well recorded and communicated.

Responsibilities

  • Design and build security capabilities in a multi-cloud environment.
  • Build automation for cloud security controls to enhance the cloud security posture.
  • Provide Cloud Security Governance and Optimization services to technical teams.
  • Advise on security best practices and guide development and infrastructure teams in adopting and enforcing security policies.
  • Conduct vulnerability assessments of cloud assets and deliver remediation recommendations.
  • Provide subject matter expertise to Security Engineering and Operations teams.
  • Improve accessibility of security through automation and continuous integration pipelines.
  • Participate in the overall architecture and governance model.
  • Provide technical oversight and validation of the effectiveness of security systems.
  • Research, design, and implement security components that are standards-based and secure.
  • Educate internal and external users on security technologies.
  • Participate in the evaluation and selection of security service products.
  • Support governance based on best practices and align projects with security needs.
  • Analyze the current environment to detect deficiencies and recommend improvements.
  • Consult with project teams to modify infrastructure and security services as necessary.
  • Document all architecture design and analysis work.

Requirements

  • Bachelor's degree in Information Security or related field or equivalent experience/certification.
  • 7+ years progressive Information Technology engineering experience.
  • 5+ years of Information Security experience in security engineering.
  • 3+ years in public cloud security (e.g., AWS, Azure).
  • 1+ years' experience with scripting languages (e.g., Python, JavaScript).
  • 1+ years' experience with CI/CD pipelines or security tooling for cloud-native deployments.

Nice-to-haves

  • Current information security certification, including CISM or CISSP.
  • Experience working with Agile and Scrum methodologies.
  • Experience in DevSecOps, CI/CD, Infrastructure as Code concepts and technologies.
  • Knowledge of Cloud Security Posture Management (CSPM) tools.
  • Knowledge of securing technologies such as Cloud-Native Services, Container Platforms, APIs, Identity and Access Management, Serverless technologies.

Benefits

  • Medical insurance coverage.
  • Dental insurance coverage.
  • Vision insurance coverage.
  • Health care flexible spending account.
  • Dependent care flexible spending account.
  • Life insurance coverage.
  • Disability insurance coverage.
  • Accident insurance coverage.
  • Adoption expense reimbursements.
  • Paid parental leave.
  • Educational assistance.
  • 401(k) plan.
  • Stock purchase plan.
  • Discounts at Marriott properties.
  • Commuter benefits.
  • Employee assistance plan.
  • Childcare discounts.

Tools

Career Hubs

Guides

Company

© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service