Massachusetts Information Technology Jobs

Search for Jobs in Information Technology
MassHire JobQuest Logo

Job Information

Marriott Sr. Manager, Threat Management - End Points in Boston, Massachusetts

Job Number 22181791

Job Category Information Technology

Location Marriott International HQ, 7750 Wisconsin Avenue, Bethesda, Maryland, United States

Schedule Full-Time

Located Remotely? Y

Relocation? N

Position Type Management

JOB SUMMARY

Responsible for establishing and maintaining a framework for researching, documenting, and integrating adversary emulation assessments from a network perspective. Duties will include operating a breach and attack simulation platform to successfully mimic network attacks, while acting as a technical subject matter expert to enhance adjacent programs such as incident response, threat hunting, and custom detection creation. Development and reporting on key metrics of the breach and simulation program.

CANDIDATE PROFILE

Education and Experience

Required:

  • Bachelor’s degree in Computer Sciences or related field or equivalent experience/certification

  • 7+ years of information technology leadership experience.

  • 4+ years’ information security experience that includes threat emulation, manage validation, breach testing, security engineering, software simulations, penetration testing, and/or purple team activities.

  • 1+ years’ SIEM (Splunk) user experience

  • 3+ years’ experience with Endpoint and Detection Response platforms (ex. CrowdStrike Falcon) and root cause detection analysis.

Preferred:

  • Current information security certification, including Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA) or Certified Information Systems Security Professional (CISSP)

  • Technical leadership experience in a sourced environment

  • Project management skills

  • Excellent communication skills and problem solving ability

  • Demonstrated ability to work independently and with others

  • Ability to manage the details and compliance with standards and expectations

  • Technical infrastructure operations, administration, or engineering background

CORE WORK ACTIVITIES

Threat Management & Response

  • Establish a framework for researching, documenting, and integrating adversary emulation assessments.

  • Responsible for gathering relevant cyber intelligence regarding attacker tactics, techniques, and procedures.

  • Operate a breach and attack simulation platform to successfully mimic adversary behaviors.

  • Work as needed with the incident response team to triage alerts triggered by suspicious or malicious activity.

  • Act as a technical subject matter expert to enhance adjacent programs such as incident response, threat hunting, and custom detection development.

  • Develop and report on key metrics of the breach and simulation program.

  • Responsible for coordinating with the appropriate internal teams for log inclusion of network devices into the breach and attack simulation program.

  • Identifies, develops, and assists with mitigation of identified network detection/alarming gaps.

  • Operates as a key stakeholder in breach and attack simulation as it relates to network defense goals and objectives.

  • Utilize the corporate Endpoint Detection and Response tool and SIEM to identify anomalous activity and potential threats to the enterprise infrastructure.

  • Perform analysis of adversary tradecraft, malicious code, and capabilities for hunt pivoting purposes.

  • Manage the analysis of intrusion artifacts to determine potential specific adversary and motives.

  • Uses defensive measures and information collected from a variety of sources to identify, analyze, and report events that occur or might occur within the network in order to protect information, information systems, and networks from threats. Identifies remediation activities and oversees efforts to implement them

  • Responds to crisis or urgent situations within the pertinent domain to mitigate immediate and potential threats and comply with relevant data breach laws. Uses mitigation, preparedness, and response and recovery approaches, as needed, to maximize safety and security of systems, preservation of intellectual property, and information security. Investigates and analyzes all relevant security and privacy response activities.

  • Conducts assessments of threats and vulnerabilities, determines deviations from acceptable configurations or enterprise or local policy, assesses the level of risk, and develops and/or recommends and operationalizes appropriate mitigation countermeasures.

  • Identifies and assesses the capabilities and activities of cyber criminals or foreign intelligence entities; produces findings to help initialize or support law enforcement and counterintelligence investigations or activities.

  • Analyzes threat information from multiple sources, disciplines, and agencies across the regulatory and Intelligence Communities. Synthesizes and places regulatory and intelligence information in context; draws insights about the possible implications

Maintaining Goals

  • Submits reports in a timely manner, ensuring delivery deadlines are met.

  • Promotes the documenting of project progress accurately.

  • Provides input and assistance to other teams regarding projects.

Managing Work, Projects, and Policies

  • Manages and implements work and projects as assigned.

  • Generates and provides accurate and timely results in the form of reports, presentations, etc.

  • Analyzes information and evaluates results to choose the best solution and solve problems.

  • Provides timely, accurate, and detailed status reports as requested.

Demonstrating and Applying Discipline Knowledge

  • Provides technical expertise and support to persons inside and outside of the department.

  • Demonstrates knowledge of job-relevant issues, products, systems, and processes.

  • Demonstrates knowledge of function-specific procedures.

  • Keeps up-to-date technically and applies new knowledge to job.

  • Uses computers and computer systems (including hardware and software) to enter data and/ or process information.

Delivering on the Needs of Key Stakeholders

  • Understands and meets the needs of key stakeholders.

  • Develops specific goals and plans to prioritize, organize, and accomplish work.

  • Determines priorities, schedules, plans and necessary resources to ensure completion of any projects on schedule.

  • Collaborates with internal partners and stakeholders to support business/initiative strategies

  • Communicates concepts in a clear and persuasive manner that is easy to understand.

  • Generates and provides accurate and timely results in the form of reports, presentations, etc.

  • Demonstrates an understanding of business priorities

Colorado Applicants Only: The salary range for this position is $90,975.00 to $180,131.00 annually.

New York City & Westchester County, NY Applicants Only: The salary range for this position is $110,081.00 to $198,146.00 annually.

All Locations offer health care benefits, flexible spending accounts, 401(k) plan, accrued paid time off (including sick leave where applicable), life insurance, disability coverage, other life and work wellness benefits and may include incentive compensation.  Benefits and incentive compensation may be subject to generally applicable eligibility, waiting period, contribution, and other requirements and conditions.

Marriott International is an equal opportunity employer. We believe in hiring a diverse workforce and sustaining an inclusive, people-first culture. We are committed to non-discrimination on any protected basis, such as disability and veteran status, or any other basis covered under applicable law.

Marriott International is the world’s largest hotel company, with more brands, more hotels and more opportunities for associates to grow and succeed. We believe a great career is a journey of discovery and exploration. So, we ask, where will your journey take you?

DirectEmployers