Massachusetts Information Technology Jobs

Search for Jobs in Information Technology
MassHire JobQuest Logo

Job Information

Marriott SrMgr-Information Security - Threat Management & Response in Boston, Massachusetts

Job Number 22167721

Job Category Information Technology

Location Marriott International HQ, 7750 Wisconsin Avenue, Bethesda, Maryland, United States

Schedule Full-Time

Located Remotely? Y

Relocation? N

Position Type Management



JOB SUMMARY

Operate as the lead cyber threat intelligence analyst. Responsible for cyber threat intelligence assessments and briefs, relationship management with threat vendors, tracking and processing of threat alarms, and the coordination with internal teams for the understanding of intelligence needs and requirements

CANDIDATE PROFILE

Education and Experience

Required:

  • Bachelor’s degree in Computer Sciences or related field or equivalent experience/certification

  • 7+ years’ information technology experience or related professional area.

  • 4+ years’ Information Security experience that includes implementing, managing or governing security technologies, including encryption, network security, intrusion detection and digital forensics

Preferred:

  • Current information security certification, including Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA) or Certified Information Systems Security Professional (CISSP)

  • Technical leadership experience in a sourced environment

  • Working knowledge of endpoint detection and response tools

  • Project management skills

  • Technical infrastructure operations, administration, or engineering background

CORE WORK ACTIVITIES

Threat Management & Response

  • Operate as the lead cyber threat intelligence analyst

  • Develop and maintain deep understanding of threat vectors, threat actors and emerging threats to effectively track cyber campaigns

  • Produce and review talking points, reports, and briefings for executive audiences regarding current events and strategic cyber intelligence

  • Participate in the external sharing of threat intelligence with partners and external threat groups

  • Manage threat intelligence feeds, including vendor relationships and the internal processing of the information

  • Draft, edit, and proofread threat intelligence assessments and briefs (monthly and quarterly reports)

  • Coordinate and facilitate the processing and escalation of threat intelligence alarms with internal company teams

  • Analyze, document and track threat actor groups, attack patterns, TTPs (Tactics, Techniques, and Procedures, indicators of compromise and potential attack vectors

  • Utilize statistical analysis and event correlation to analyze internal and external threat intelligence data

  • Work with key stakeholders to understand threat intelligence needs and ultimately determine intelligence requirements

  • Provide subject-matter expertise and cross collaborate with internal teams and external entities

  • Contributes to a culture of excellence in technical security threat management and incident response

  • Investigates and analyzes many different types of security incidents, such as network-, host-, application-, and malware-based intrusions across a broad range of computing environments and technology stacks

  • Utilizes the corporate Endpoint Detection and Response tool and SIEM to identify anomalous activity and potential threats to the enterprise infrastructure.

  • Performs analysis of adversary tradecraft, malicious code, and capabilities for hunt pivoting purposes.

  • Performs research to identify targeted attacks, campaigns, and malware.

  • Develops and implements processes that support the analysis of log files (ad hoc and static threat hunts) in the corporate SIEM.

  • Manages the analysis of intrusion artifacts to determine potential specific adversary and motives.

  • Facilitates the mitigation of actual and potential incidents

  • Communicates and/or summarize (in both verbal and written form) complex threat events or security incident details to multiple audiences, such as executives, legal, and technical staff

  • Researches, builds and maintains technology solutions and tools needed to support security incident response investigations and examine digital evidence (for example, network traffic, log, filesystem, memory, and malware analyzers and forensic toolsets); partner with technology teams to innovate solutions to improve preparedness.

  • Designs and carries out security incident preparedness activities, such as compromise assessments and tabletop exercises, and conducting training and awareness sessions for relevant iT RUN groups, Service providers and vendors

Managing Projects and Priorities

  • Functions as a strategic senior technical expert within the department.

  • Develops specific goals and plans to prioritize, organize, and accomplish work.

  • Champions leaders’ vision for product and service delivery.

  • Makes and executes the necessary decisions to keep moving forward toward achievement of goals.

  • Provides direction and assistance to other teams regarding projects.

  • Determines priorities, schedules, plans and necessary resources to promote completion of any projects on schedule.

  • Analyzes information and evaluates results to choose the best solution and solve problems.

  • Reviews vendor proposals and selects appropriate vendor for services/technologies/hardware.

  • Thinks creatively and practically to develop, execute and implement new project plans.

  • Generates and provides accurate and timely results in the form of reports, presentations, etc.

  • Plans, develops, implements, and evaluates the quality of operations.

Delivering on the Needs of Key Stakeholders

  • Understands and meets the needs of key stakeholders.

  • Communicates concepts in a clear and persuasive manner that is easy to understand.

  • Demonstrates an understanding of business priorities.

  • Supports achievement of performance goals, budget goals, team goals, etc.

Providing Technical Support and Consultation

  • Provides technical expertise and technical leadership within own and other teams.

  • Provides recommendations to improve the effectiveness of processes and programs.

  • Demonstrates advanced knowledge of job-relevant issues, products, systems, and processes.

  • Demonstrates advanced knowledge of function-specific procedures.

  • Applies knowledge/judgment to achieve business goals.

  • Foresees, identifies and resolves problems.

  • Keeps up-to-date technically and applies new knowledge to job.

  • Performs other reasonable duties as required for this position.

This position requires proof of full vaccination against COVID-19 prior to the first date of employment, subject to applicable law. If you are offered employment, this requirement must be met by your date of hire, unless a reasonable accommodation request is received and approved.

Marriott International is an equal opportunity employer. We believe in hiring a diverse workforce and sustaining an inclusive, people-first culture. We are committed to non-discrimination on any protected basis, such as disability and veteran status, or any other basis covered under applicable law.

Marriott International is the world’s largest hotel company, with more brands, more hotels and more opportunities for associates to grow and succeed. We believe a great career is a journey of discovery and exploration. So, we ask, where will your journey take you?

DirectEmployers