JOB SUMMARY
NOTE: This is a FLEX Associate Engagement
Position type: Full-Time
Duration: Until March 2025
The Associate Security Solution Architect provides in-depth technical security guidance, acting as the SME for various technologies and project areas. They develop security solution architectures aligned with business needs, maintain security strategies and standards, and ensure compliance with company policies. This role involves identifying gaps, improving security, and supporting Security Accreditation tasks during the SDLC.
Role Responsibilities/Duties
• Develop capability-focused security solution architectures.
• Maintain security strategies, requirements, and standards.
• Ensure alignment with company security policies and industry standards.
• Identify security gaps and collaborate with project teams for improvements.
• Review and approve Security Accreditation tasks during each SDLC phase.
• Serve as the escalation point for security issues and risks.
• Provide expertise in areas such as application security, IAM, infrastructure, network, and vulnerability management.
• Work as an embedded solution architect or across multiple projects/programs as needed.
Qualifications
• Bachelor's or Associate's degree in computer science, information systems, cybersecurity, or a related field, or equivalent experience/certification.
• 5-7+ years of IT experience, including 5+ years in security reviews and accreditation.
• 2+ years of experience in developing Security Architectures and Solutions.
• 2+ years of experience in reviewing and identifying security risks/gaps.
• Experience with architecture methodologies like TOGAF, SABSA, Zachman, etc.
• Knowledge of vulnerability management tools and threat-modeling methodologies.
• Experience securing CI/CD pipelines and public cloud security (AWS, Azure, Alibaba Cloud, Oracle Cloud).
• Full-stack IT infrastructure knowledge (databases, operating systems, IP networks, storage networks, containers/Kubernetes).
Competencies
• Strong working knowledge of IT service management (ITIL-related disciplines).
• Ability to conduct independent research and interact with cross-functional teams.
• Direct experience or strong knowledge of managing security infrastructure (firewalls, IPSs, WAFs, endpoint protection, SIEM, log management).
• Ability to develop Enterprise Security Strategies and review application code for security vulnerabilities.
• Current information security certification (CISSP, CISM, CISA, TOGAF, GAIC).
• Knowledge of industry standards (NIST CSF, PCI-DSS, COBIT, CSA, MITRE ATT&CK, STRIDE, CIS Benchmarks).
Marriott International is an equal opportunity employer committed to hiring a diverse workforce and sustaining an inclusive culture. Marriott International does not discriminate on the basis of disability, veteran status or any other basis protected under federal, state or local laws.
FLEX employees will accrue .03334 hours of paid leave for every hour worked and be eligible to receive minimum of 9 holidays annually.
All locations offer coverage for medical, dental, vision, health care flexible spending account, dependent care flexible spending account, life insurance, disability insurance, accident insurance, adoption expense reimbursements, paid parental leave, 401(k) plan, stock purchase plan, discounts at Marriott properties, commuter benefits, employee assistance plan, and childcare discounts. Benefits are subject to terms and conditions, which may include rules regarding eligibility, enrollment, waiting period, contribution, benefit limits, election changes, benefit exclusions, and others.
Marriott HQ is committed to a hybrid work environment that enables associates to Be connected. Headquarters-based positions are considered hybrid, for candidates within a commuting distance to Bethesda, MD; candidates outside of commuting distance to Bethesda, MD will be considered for remote positions.
The application deadline for this position is 14 days after the date of this posting, April 23rd, 2024.
Location: Bethesda, MD
Posted: Aug. 28, 2024, 12:03 a.m.
Apply Now Company Website