Mgr-Information Security - Threat Management and Response

Job Number 24081565Job Category Information TechnologyLocation Marriott International HQ, 7750 Wisconsin Avenue, Bethesda, Maryland, United StatesSchedule Full-TimeLocated Remotely?

YRelocation? NPosition Type ManagementJOB SUMMARYSeeking a proactive manager to lead threat hunting efforts, analyzing security logs and network traffic to identify potential threats and vulnerabilities.

Develop and implement custom signatures and rules, collaborating with incident responders to investigate and respond to security incidents.

Stay updated on the latest threat intelligence and trends, analyzing attack patterns and conducting threat modeling to enhance detection and mitigation, Previous experience with log analysis tools and offensive security strategies required, along with strong communication skills to articulate threat hunt objectives and associated risks.

CANDIDATE PROFILEEducation and ExperienceRequired : Bachelor’s degree in Computer Sciences or related field or equivalent experience / certification3+ years of information technology experience or related professional area.

2+ years experience implementing security technologies, including Threat Intelligence Platforms, threat emulation tools, writing custom signatures and rules, network security, intrusion detection and log analysis.

Experience analyzing system, network, and application logging for attack techniques at all stages of the cyber kill chain.

Direct experience working with very large datasets and log analysis tools including but not limited to : Splunk, Python, Pandas, SQL, Hadoop, Hue.

Preferred : Current information security certification, including Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA) or Certified Information Systems Security Professional (CISSP)Technical leadership experience in a sourced environmentProject management skillsTechnical infrastructure operations, administration, or engineering backgroundCORE WORK ACTIVITIESThreat OperationsProactively hunt for and identify potential threats and vulnerabilities.

Perform in-depth analysis of security logs, network traffic, and other data sources to identify indicators of compromise and suspicious activities.

Review findings from the company’s managed security validation platform for the creation of new signatures and detections.

Create and maintain custom signatures, rules, and alerts to enhance detection and response capabilities.Participate inDevelop and implement threat hunting methodologies and techniques to effectively detect and mitigate advanced cyber threats.

Collaborate with incident responders, security analysts, and other stakeholders to investigate and respond to security incidents.

Stay up to date with the latest threat intelligence and security trends to continuously enhance threat hunting capabilities.

Recognize, research, and analyze various threat actor groups / attack patterns, tactics, techniques and procedures.Conduct threat modeling to improve threat detection and mitigation.

Manage external and internal threat intelligence partnerships on behalf of the organization. This includes optimizing and managing data sources of threat intelligence information.

Familiarity with offensive security strategies and assessment methodology.Opportunities to explain threat hunting objectives in plain English and able to communicate associated risk.

Investigate and analyze many different types of security incidents, such as network-, host-, application-, and malware-based intrusions across a broad range of computing environments and technology stacksWork to enhance the Threat Intelligence Platform by vetting intelligence feeds for criticality and relevance.

Utilize the corporate Endpoint Detection and Response tool and SIEM to identify anomalous activity and potential threats to the enterprise infrastructure.

Perform analysis of adversary tradecraft, malicious code, and capabilities for hunt pivoting purposes.Perform research to identify targeted attacks, campaigns, and malware.

Assist with internal investigations as a technical resource for forensic artifact collection and forensic disk analysis.Manage the analysis of intrusion artifacts to determine potential specific adversary and motives.

Work to facilitate the mitigation of actual and potential incidentsEffectively communicate and / or summarize (in both verbal and written form) complex threat events or security incident details to multiple audiences, such as executives, legal, and technical staffResearch, build and maintain technology solutions and tools needed to support security incident response investigations and examine digital evidence (for example, network traffic, log, filesystem, memory, and malware analyzers and forensic toolsets);

partner with technology teams to innovate solutions to improve preparedness.Design and carry out security incident preparedness activities, such as compromise assessments and tabletop exercises, and conducting training and awareness sessions for relevant iT RUN groups, Service providers and vendorsMANAGEMENT COMPETENCIESLeadershipCommunication - Conveys information and ideas to others in a convincing and engaging manner through a variety of methods.

Leading Through Vision and Values -Keeps the organization's vision and values at the forefront of employee decision making and action.

Managing Change -Initiates and / or manages the change process and energizes it on an ongoing basis, taking steps to remove barriers or accelerate its pace;

serves as role model for how to handle change by maintaining composure and performance level under pressure or when experiencing challenges.

Problem Solving and Decision Making - Identifies and understands issues, problems, and opportunities; obtains and compares information from various sources to draw conclusions, develops and evaluates alternatives and solutions, solves problems, and chooses a course of action.

Professional Demeanor - Exhibits behavioral styles that convey confidence and command respect from others; makes a good first impression and represents the company in alignment with its values.

Strategy Development - Develops business plans by exploring and systematically evaluating opportunities with the greatest potential for producing positive results;

ensures successful preparation and execution of business plans through effective planning, organizing, and on-going evaluation processes.

Managing ExecutionBuilding a Successful Team -Uses an effective interpersonal style to build a cohesive team; inspires and sustains team cohesion and engagement by focusing the team on its mission and importance to the organization.

Strategy Execution Ensures successful execution across of business plans designed to maximize customer satisfaction, profitability, and market share through effective planning, organizing, and on-going evaluation processes.

Driving for Results - Sets high standards of performance for self and / or others; assumes responsibility for work objectives;

initiates, focuses, and monitors the efforts of self and / or others toward the accomplishment goals; proactively takes action and goes beyond what is required.

Building RelationshipsCustomer Relationships - Develops and sustains relationships based on an understanding of customer / stakeholder needs and actions consistent with the company’s service standards.

Global Mindset - Supports employees and business partners with diverse styles, abilities, motivations, and / or cultural perspectives;

utilizes differences to drive innovation, engagement and enhance business results; and ensures employees are given the opportunity to contribute to their full potential.

Strategic Partnerships -Develops collaborative relationships with fellow employees and business partners by making them feel valued, appreciated, and included;

explores partnership opportunities with other people in and outside the organization; influences and leverages corporate and continental shared services and / or discipline leaders (e.

g., HR, Sales & Marketing, Finance, Revenue Management) to achieve objectives; maintains effective external relations with government, business and industry in respective countries;

performs effectively as a liaison between locations, disciplines, and corporate to ensure needed resources are received and corporate strategies are understood and executed.

Generating Talent and Organizational CapabilityDeveloping Others -Supports the development of other’s skills and capabilities so that they can fulfill current or future job / role responsibilities more effectively.

Organizational Capability - Evaluates and adapts the structure of assignments and work processes to best fit the needs and / or support the goals of an organizational unit.

Learning and Applying Professional ExpertiseContinuous Learning - Actively identifies new areas for learning; regularly creates and takes advantage of learning opportunities;

uses newly gained knowledge and skill on the job and learns through their application.Technical Acumen - Understanding and utilizing professional skills and knowledge in a specific functional area to conduct and manage everyday business operations and generate innovative solutions to approach function-specific work challengesTechnical Intelligence : Knowledge and ability to define and apply appropriate technology to enhance business processDevelopment Methodologies : Knowledge of general stages of SDLC framework and the application tiers within the development space.

Information Security : Knowledge of the security considerations relevant within the development space, including industry best practices related to information securityBusiness Acumen - Understands and utilizes business information to manage everyday operations and generate innovative solutions to approach business and administrative challenges.

Basic Competencies - Fundamental competencies required for accomplishing basic work activities.Basic Computer Skills - Using basic computer hardware and software (e.

g., personal computers, word processing software, Internet browsers, etc.).Mathematical Reasoning - The ability to add, subtract, multiply, or divide quickly, correctly, and in a way that allows one to solve work-related issues.

Oral Comprehension - The ability to listen to and understand information and ideas presented through spoken words and sentences.

Reading Comprehension - Understanding written sentences and paragraphs in work related documents.Writing - Communicating effectively in writing as appropriate for the needs of the audience.

California Applicants Only : The salary range for this position is $83,550.00 to $178,603.00 annually.Colorado Applicants Only : The salary range for this position is $83,550.

00 to $162,366.00 annually.Hawaii Applicants Only : The salary range for this position is $101,096.00 to $178,603.00 annually.

New York Applicants Only : The salary range for this position is $83,550.00 to $178,603.00 annually.Washington Applicants Only : The salary range for this position is $83,550.

00 to $178,603.00 annually. In addition to the annual salary, the position will be eligible to receive an annual bonus. Employees will accrue 0.

04616 PTO balance for every hour worked and eligible to receive minimum of 7 holidays annually.All locations offer coverage for medical, dental, vision, health care flexible spending account, dependent care flexible spending account, life insurance, disability insurance, accident insurance, adoption expense reimbursements, paid parental leave, educational assistance, 401(k) plan, stock purchase plan, discounts at Marriott properties, commuter benefits, employee assistance plan, and childcare discounts.

Benefits are subject to terms and conditions, which may include rules regarding eligibility, enrollment, waiting period, contribution, benefit limits, election changes, benefit exclusions, and others.

Marriott HQ is committed to a hybrid work environment that enables associates to Be connected. Headquarters-based positions are considered hybrid, for candidates within a commuting distance to Bethesda, MD;

candidates outside of commuting distance to Bethesda, MD will be considered for Remote positions.The application deadline for this position is 28 days after the date of this posting, 5 / 9 / 2024.

Marriott International is an equal opportunity employer. We believe in hiring a diverse workforce and sustaining an inclusive, people-first culture.

We are committed to non-discrimination on any protected basis, such as disability and veteran status, or any other basis covered under applicable law.

Marriott International is the world’s largest hotel company, with more brands, more hotels and more opportunities for associates to grow and succeed.

Be where you can do your best work, begin your purpose, belong to an amazing global team, and become the best version of you.