Senior Engineer – Data Security Engineering

JOB SUMMARY

NOTE:  This is a FLEX Associate Engagement  

Position type: Full-time

Required:

• Bachelor’s degree in Computer Sciences or related field or equivalent experience/certification
• 5 years of experience in information security with 3+ years’ technical hands-on in data protection and enterprise DLP solution management.
• Expert knowledge in data discovery, data analysis, Data Loss Prevention (DLP), data audit, compliance management, data classification and governance solutions (eg. Microsoft Purview).
• Thorough understanding of the following technologies: data storage, log management, identity and access management, TLS inspection

Preferred:

• Current information security certification, including Certified Information Security Manager (CISM), or Certified Information Systems Security Professional (CISSP)
• Proficiency with security controls for cloud environments (Azure and AWS)
• Strong understanding of data protection principles and control frameworks (CSA, NIST, CIS, PCI DSS, GDPR, CCPA)
• Basic experience with one or more scripting languages (e.g., Python, PowerShell and Bash).
• Experience using log analysis tools to troubleshoot issues and to plan for future requirements.
• Policy creation and rule design and updates for the administration security control systems
• Technical writing/creation of formal documentation such as architecture diagrams, technical designs, and SOPs
• Demonstrated ability to work independently and with others.
• Ability to manage the details and compliance with standards and expectations
• Self-motivated with the ability to handle multiple priorities, while meeting deadlines.
• Strong problem solving, organizational and project management skills.
• Strong written and verbal communication skills.

CORE WORK ACTIVITIES

• Implement, administer and maintain the security tools, solutions and processes for data protection ecosystem.
• Discover and track sensitive data assets using a data discovery tool.
• Produce detailed technical design, test plans, and implementation plans.
• Provide assistance with audit issues and recommendations for remediation from an Information Security perspective.
• Provide support for Data Loss Prevention (DLP) platform including analysis, continuous configuration, tuning and testing of data loss prevention policies
• Design, implement, review DLP related policies, workflow and system settings following established DLP change process with the assistance of operational tools and resources
• Assist in the evaluation and implementation of products and/or procedures to enhance security.
• Deploy and monitor additional security products and tools or enhancements to existing tools.
• Monitor daily reports to ensure the effectiveness of new and existing security technology.
• Troubleshoot issues that may arise during data discovery scans, scan related performance issues and agent or network related issues.
• Assist in representing the security needs of the organization by providing DLP and security expertise and assistance on IT projects.
• Assist in the development and enforcement of IT security policies, guidelines, standards and procedures.
• Monitoring compliance with regulations and internal policies in relation to the protection of sensitive/personal/confidential/regulated data.
• Design, track, and aggregate on data security KPIs and risk metrics.
• Remain current with regulatory updates and maintain an understanding of data security, regulatory, and compliance topics.

Marriott International is an equal opportunity employer committed to hiring a diverse workforce and sustaining an inclusive culture. Marriott International does not discriminate on the basis of disability, veteran status or any other basis protected under federal, state or local laws.