Senior Manager - Data Security Architect
Marriott International offers you the opportunity to find the hospitality job and career journey that's right for you. With more than 1100 managed properties and 18 brands you'll find us in your neighborhood and in more than 74 countries across the globe. Find Your World™ at Marriott.
Develop data security strategies, policies, standards and manage the implementation of a data monitoring environment and related processes. Identify and assess risk of existing databases and repositories with regard to protection of information. Serve as primary security point of contact for data security topics, including preforming risk assessments. Working with the cyber intelligence and vulnerability management team, develop plan of actions required to address vulnerabilities or respond to any data that has been compromised. Work with the policy and standards team to develop strategy for storing sensitive information on databases and unstructured data stored on premise and/or cloud environment. Implement security controls to monitor and secure relational database management system (RDBMS) and big data distributed storage such as Hadoop.
Education and Experience
- Bachelor’s degree in Computer Sciences or related field or equivalent experience/certification
- 5+ years of information technology leadership experience
- Experience implementing security technologies, including encryption, and database access monitoring
- 3+ years’ experience in data architecture or data management/administration role.
- Experience with using database monitoring technologies (i.e. Imperva, IBM Guardium)
- Current information security certification, including Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified SCADA Security Architect (CSSA) or Certified Secure Software Lifecycle Professional (CSSLP).
- Working knowledge of industry security frameworks (e.g., ISO2700X, NIST, Cloud Security Alliance).
- Experience with high-scale or distributed RDBMS (i.e. Netezza) and NoSQL databases (i.e. Cassandra, MongoDB, HBase.)
- Experience with the Hadoop stack (i.e. MapReduce, Sqoop, Pig, Hive, Hbase or, Flume)
- Technical leadership experience in a sourced environment
- Project management skills
- Excellent communication skills and problem solving ability
- Demonstrated ability to work independently and with others
- Ability to manage the details and compliance with standards and expectations
- Technical infrastructure operations, administration, or engineering background
CORE WORK ACTIVITIES
- Oversees, evaluates, and supports the documentation, and validation processes necessary to assure that associates, information technology systems and business processes meet the organization’s information assurance, security, and privacy requirements. Ensures appropriate treatment of risk, compliance, and assurance of internal policies and external regulations.
- Conducts security and privacy technology research and assessments and integration processes; provides and supports a prototype capability and/or evaluates its utility.
- Oversee and maintain architectural standard, patterns and direction for Enterprise GRC automated tool (e.g. RSAM)
- Consults with customers to gather and evaluate functional requirements and provides security and privacy requirements, guidelines, and standards.
- Conducts assessments of threats and vulnerabilities, determines deviations from acceptable configurations or enterprise or local policy, assesses the level of risk, and develops and/or recommends and operationalizes appropriate mitigation countermeasures.
- Applies knowledge of priorities to define an entity’s direction, determine how to allocate resources, and identify programs or infrastructure that are required to achieve desired goals within domain of interest. Develops policy or advocates for changes in policy that will support new initiatives or required changes/enhancements.
- Oversees the information assurance (IA) program of an information system in or outside the network environment; may include procurement duties.
- Manages and measures information security implications within the organization, specific program, or other area of responsibility, to include strategic, personnel, infrastructure, policy enforcement, emergency planning, risk management, security awareness, and other resources.
Marriott International is an equal opportunity employer committed to hiring a diverse workforce and sustaining an inclusive culture. Marriott International does not discriminate on the basis of disability, veteran status or any other basis protected under federal, state or local laws.
Back to top