Skip to main content

Director, Infrastructure Cloud Solutions - Cloud Security

**Job Number** 22159865

**Job Category** Information Technology

**Location** Marriott International HQ, 7750 Wisconsin Avenue, Bethesda, Maryland, United States

**Schedule** Full-Time

**Located Remotely?** Y

**Relocation?** N

**Position Type** Management

**JOB SUMMARY**

Reporting directly to the VP, Infrastructure Cloud Solutions Engineering, the Director of Cloud Security Engineering will be accountable for partnering with Global Information security, remediation of vulnerabilities and a risk treatment plan across public cloud, private cloud, and on-premises MI infrastructure. Lead and manage working with service providers remediating vulnerabilities identified by GIS security scans. Able to identify and remediate gaps and work with project teams to improve security posture while retaining time to market, functionality, scalability. Serves as point of escalation for remediating security issues and risks that may arise.

**CANDIDATE PROFILE**

**Education and Experience**

**Required:**

+ 8+ years’ Information Technology infrastructure engineering experience that includes 3+ years supporting business services running in the public cloud

+ Undergraduate degree in computer sciences or related field or equivalent education, certifications, and experience.

+ 4+ years’ experience in two or more of the following

+ Public Clouds

+ Amazon Web Services (AWS) / EC2

+ Microsoft Azure

+ SaaS

+ Private Cloud Infrastructure

+ OpenStack

+ VMware / vRealize / VMware Integrated OpenStack

+ Endpoint Technologies

+ Network Security Technologies such as Next Gen Firewalls, SASE

+ Cloud Security for SaaS, IaaS, PaaS offerings

+ 2+ years direct team management or team lead role

+ 1+ year’s budget management or management of project financials

**Preferred:**

+ Graduate Degree in a technical discipline

+ Direct management of cross functional, sourced, or matrixes teams. Oversight of Managed Service Providers resources

+ Direct, hands-on experience or strong working knowledge of managing application security infrastructure — e.g., web application firewalls (WAFs, RASP, container security, Virtual Internal firewalls, direct connect, ISP)

+ Experience with static (code) analysis and dynamic analysis tools

+ Working knowledge of firewalls, intrusion prevention systems (IPSs), endpoint protection, SIEM and log management technology.

+ Current information security certification, such as Certified Information Systems Security Professional (CISSP), Certified Secure Software Lifecycle Professional (CSSLP), Certified Information Security Manager (CISM), ISACA's CISA

+ Knowledge of Industry Standards such as NIST Cybersecurity Framework (CSF), PCI-DSS, COBIT, CSA, MITRE ATT&CK & CAPAC, STRIDE, DISA, CIS Benchmarks etc.

+ Ability to understand prioritize and remediate Security findings for areas including but not limited to; Cloud Computing, Application Development, IAM and Infrastructure.

+ Proficient in performing quantitative risk management analysis

+ Using ServiceNow to track activities, tasks, approvals, etc.

+ Strong negotiating, influencing and problem resolution skills

+ Proven ability to effectively prioritize and execute tasks in a high-pressure environment

+ Experience in business systems and process planning

+ Knowledge of business environment, service requirements and hospitality culture

+ Ability to translate information security objectives into mutually beneficial business strategies for the client organizations

+ Demonstrated ability to assess customer/client needs, creatively approach solutions, decide and influence appropriate courses of action

**CORE WORK ACTIVITIES**

**Standards & Business Partnership**

+ Oversees, governs, evaluates, and supports the risk remediation, and validation processes to meet the organization’s information assurance, security, and privacy requirements. Ensures appropriate risk treatment plan, compliance, and assurance of internal policies and external regulations.

+ Consults GIS for security and privacy technology research and assessments and integration processes; provides and supports a prototype capability and/or evaluates its utility.

+ Consults with GIS to gather and evaluate functional requirements and provides security and privacy requirements, guidelines, and standards.

+ Conducts assessments working with GIS of threats and vulnerabilities, determines deviations from acceptable configurations or enterprise or local policy, assesses the level of risk, and develops and/or recommends and operationalizes appropriate mitigation countermeasures.

+ Provides sound advice and recommendations to leadership and staff on a variety of relevant topics within the pertinent subject domain.

+ Advocates policy changes and makes a case on behalf of the company via a wide range of written and oral work products.

+ Applies knowledge of priorities to define an entity’s direction, determine how to allocate resources, and identify programs or infrastructure that are required to achieve desired goals within domain of interest. Develops policy or advocates for changes in policy that will support new initiatives or required changes/enhancements.

**Managing Projects and Priorities**

+ Functions as a strategic senior technical expert within the department

+ Develops specific goals and plans to prioritize, organize, and accomplish work

+ Champions leaders’ vision for product and service delivery

+ Makes and executes the necessary decisions to keep moving forward toward achievement of goals

+ Provides direction and assistance to other teams regarding projects

+ Determines priorities, schedules, plans and necessary resources to promote completion of any projects on schedule

+ Analyzes information and evaluates results to choose the best solution and solve problems

+ Thinks creatively and practically to develop, execute, and implement new project plans

+ Generates and provides accurate and timely results in the form of reports, presentations, etc.

+ Plans, develops, implements, and evaluates the quality of operations

**Delivering on the Needs of Key Stakeholders**

+ Understands and meets the needs of key stakeholders.

+ Communicates concepts in a clear and persuasive manner that is easy to understand.

+ Demonstrates an understanding of business priorities.

+ Supports achievement of performance goals, budget goals, team goals, etc.

**Providing Technical Support and Consultation**

+ Provides technical expertise and technical leadership within own and other teams.

+ Provides recommendations to improve the effectiveness of processes and programs.

+ Demonstrates advanced knowledge of job-relevant issues, products, systems, and processes.

+ Demonstrates advanced knowledge of function-specific procedures.

+ Applies knowledge/judgment to achieve business goals.

+ Foresees, identifies and resolves problems.

+ Keeps up-to-date technically and applies new knowledge to job.

+ Performs other reasonable duties as required for this position.

**Managing Work, Projects, and Policies**

+ Coordinates and implements work and projects as assigned.

+ Generates and provides accurate and timely results in the form of reports, presentations, etc.

+ Analyzes information and evaluates results to choose the best solution and solve problems.

+ Develops specific goals and plans to prioritize, organize, and accomplish work.

+ Sets and tracks goal progress for self and others.

+ Monitors the work of others to ensure it is completed on time and meets expectations.

+ Provides direction and assistance to other organizational units’ policies and procedures, and efficient control and utilization of resources.

**Leading Team**

+ Creates a team environment that encourages accountability, high standards, and innovation.

+ Leads specific team while assisting with meeting or exceeding department goals.

+ Makes sure others understand performance expectations.

+ Ensures that goals are being translated to the team as they relate to tracking and productivity.

+ Creates and nurtures an environment that emphasizes motivation, empowerment, teamwork, continuous improvement and a passion for providing service.

+ Understands employee and develops plans to address need areas and expand on the strengths.

+ Provides the team with the capabilities needed to meet or exceed expectations.

+ Leads by example demonstrating self-confidence, energy and enthusiasm.

**Conducting Human Resources Activities**

+ Acts proactively when dealing with employee concerns.

+ Extends professionalism and courtesy to employees at all times.

+ Communicates/updates all goals and results with employees.

+ Meets semiannually with staff on a one-to-one basis.

+ Establishes and maintains open, collaborative relationships with employees.

+ Solicits employee feedback.

+ Interviews job candidates and assists in making hiring decisions.

+ Receives hiring recommendations from team supervisors.

+ Ensures orientations for new team members are thorough and completed in a timely fashion.

+ Observes behaviors of employees and provides feedback to individuals.

**Additional Responsibilities**

+ Provides information to supervisors, co-workers, and subordinates by telephone, in written form, e-mail, or in person in a timely manner.

+ Manages group or interpersonal conflict.

+ Informs and/or updates executives, peers, and subordinates on relevant information in a timely manner.

+ Manages time effectively and conducts activities in an organized manner.

+ Presents ideas, expectations and information in a concise, organized manner.

+ Uses problem solving methodology for decision making and follow up.

+ Performs other reasonable duties as assigned by manager.

This position requires proof of full vaccination against COVID-19 prior to the first date of employment, subject to applicable law. If you are offered employment, this requirement must be met by your date of hire, unless a reasonable accommodation request is received and approved.

_Marriott International is an equal opportunity employer. We believe in hiring a diverse workforce and sustaining an inclusive, people-first culture. We are committed to non-discrimination on any protected basis, such as disability and veteran status, or any other basis covered under applicable law._

Marriott International is the world’s largest hotel company, with more brands, more hotels and more opportunities for associates to grow and succeed. We believe a great career is a journey of discovery and exploration. So, we ask, where will your journey take you?

Director, Infrastructure Cloud Solutions - Cloud Security

Full time
Cheyenne, WY

Published on 09/17/2022

Share this job now