Dir-Information Security - Cyber Analytics
Bethesda, MD, United States
Full Time Senior-level / Expert USD 110K - 245K
Marriott International
Book Directly & Save at any of our 8000+ Marriott Bonvoy Hotels. Choose from Luxury Hotels, Resorts, Extended Stay Hotels, Pet-Friendly Hotels & More.JOB SUMMARY
Marriott is seeking a Cybersecurity Analytics Director to lead a function within Cybersecurity Operations focused on developing advanced threat detection capabilities. The successful candidate will leverage their extensive background in cybersecurity and threat detection methodologies, defining team strategy, and guiding teams of specialists to develop innovative threat detection solutions using technologies such as SIEM, UEBA, and similar logging and monitoring tools. This role will also collaborate with teams across the enterprise to understand net-new or existing applications, systems, and services, identify monitoring gaps, and manage implementation of remedial monitoring, ultimately enhancing the organization’s overall security posture.
CANDIDATE PROFILE
Required Education and Experience:
- Bachelor’s degree in computer sciences, related field or equivalent experience and certification
- 8+ years of progressive and collective experience in cybersecurity roles
- 4+ years of:
- Experience managing teams in a cybersecurity or IT environment
- Experience with cyber threat detection strategy development and implementation of effective cyber threat detection methodologies
Preferred:
- Current information security management certification such as:
- Certified Information Systems Security Professional (CISSP)
- Certified Information Security Manager (CISM)
- Other current security and IT certifications such as: GIAC Security Essentials Certification (GSEC), SANS GIAC Incident Handler Certification (GCIH), IT Technical Library (ITIL 4) certification
- Familiarity with industry-standard security frameworks such as ISO 27001, NIST Cybersecurity Framework, CIS Critical Security Controls, MITRE ATT&CK
- Experience working with incident response, threat intelligence, and security orchestration automation and response (SOAR), and other IT and security functions to facilitate threat detection and incident response
- Strong project management skills, including the ability to manage budgets, timelines, and resources effectively
- Experience supporting investigations using formal chain-of-custody methods, forensic tools and best practices
- Working knowledge of IDS/IPS systems, EDR solutions, network infrastructure and protocols, cloud security, IAM systems, virtualization and databases
Leadership attributes:
- Strong negotiating, influencing and problem resolution skills
- Proven ability to effectively prioritize and execute tasks in a high-pressure environment
- Knowledge of business environment, service requirements and hospitality culture
- Strong verbal and written communication skills with the ability to articulate complex technical ideas in easy-to-understand business terms
- Excellent analytical skills and tools experience
- Ability to apply industry investigative techniques
CORE WORK ACTIVITIES
- Define Strategy - Develop and implement strategies for threat detection analytics and supporting objectives with alignment to overall organizational strategy and goals.
- Team Leadership – Lead a team of SIEM and UEBA cyber analytics professionals, overseeing the development of high efficacy threat detections for business applications and services. Work to foster a culture of continuous improvement and drive engagement by encouraging team members to share ideas, learn from each other, and strive for excellence in their work.
- Drive Change - Identify gaps and remediation opertunities in threat detection tools, detection methods for improvement. Socialize issues with stakeholders and drive changes to improve organizational security posture.
- Collaboration - Work with key stakeholders, such as project managers, security analysts, and other leaders to ensure that SIEM and UEBA threat detection analytics align with organizational goals and objectives. Partnerships of particular importance will include: Cyber Incident Response Team (CIRT), Threat Intelligence TI), SIEM engineering, SOAR development team, and Security Engineering, Security Architecture, GRC/Risk Management, and GRC/Compliance.
- Industry Research, Analysis, Recommendations - Continuously monitor industry trends, emerging technologies, and best practices to identify opportunities to improve the company's cyber threat detection capabilities and overall cybersecurity strategy.
- Reporting - Provide regular progress updates and reports to leadership, highlighting key achievements, challenges, and areas for improvement within the cybersecurity analytics development team.
- Budgeting and Expense Management - Develop business cases for new initiative proposals and budget planning. Manage service and initiative budget (expense reports, service invoices, accruals, forecasting).
- Service Cost Optimization - Partner with supporting functions to evaluate cybersecurity analytics service costs and identify opportunities for cost optimization.
- Regulatory and Policy Compliance - Ensure service management and deliverables within the cyber analytics function comply with applicable regulation and corporate policies. Provide support to partner functions to support audits and compliance objectives.
Managing Work, Projects, and Policies
- Coordinates and implements work and projects as assigned.
- Generates and provides accurate and timely results in the form of reports, presentations, etc.
- Analyzes information and evaluates results to choose the best solution and solve problems.
- Develops specific goals and plans to prioritize, organize, and accomplish work.
- Sets and tracks goal progress for self and others.
- Monitors the work of others to ensure it is completed on time and meets expectations.
- Provides direction and assistance to other organizational units’ policies and procedures, and efficient control and utilization of resources.
Leading Team
- Creates a team environment that encourages accountability, high standards, and innovation.
- Leads specific team while assisting with meeting or exceeding department goals.
- Makes sure others understand performance expectations.
- Ensures that goals are being translated to the team as they relate to tracking and productivity.
- Creates and nurtures an environment that emphasizes motivation, empowerment, teamwork, continuous improvement and a passion for providing service.
- Understands employee and develops plans to address need areas and expand on the strengths.
- Provides the team with the capabilities needed to meet or exceed expectations.
- Leads by example demonstrating self-confidence, energy and enthusiasm.
Conducting Human Resources Activities
- Acts proactively when dealing with employee concerns.
- Extends professionalism and courtesy to employees at all times.
- Communicates/updates all goals and results with employees.
- Meets semiannually with staff on a one-to-one basis.
- Establishes and maintains open, collaborative relationships with employees.
- Solicits employee feedback.
- Interviews job candidates and assists in making hiring decisions.
- Receives hiring recommendations from team supervisors.
- Ensures orientations for new team members are thorough and completed in a timely fashion.
- Observes behaviors of employees and provides feedback to individuals.
Additional Responsibilities
- Provides information to supervisors, co-workers, and subordinates by telephone, in written form, e-mail, or in person in a timely manner.
- Manages group or interpersonal conflict.
- Informs and/or updates executives, peers, and subordinates on relevant information in a timely manner.
- Manages time effectively and conducts activities in an organized manner.
- Presents ideas, expectations and information in a concise, organized manner.
- Uses problem solving methodology for decision making and follow up.
- Performs other reasonable duties as assigned by manager.
California Applicants Only: The salary range for this position is $110,550.00 to $245,238.00 annually.
Colorado Applicants Only: The salary range for this position is $110,550.00 to $222,943.00 annually.
Hawaii Applicants Only: The salary range for this position is $133,766.00 to $245,238.00 annually.
New York Applicants Only: The salary range for this position is $110,550.00 to $245,238.00 annually.
Washington Applicants Only: The salary range for this position is $110,550.00 to $245,238.00 annually. In addition to the annual salary, the position will be eligible to receive an annual bonus and restricted stock units/stock grants. Employees will accrue 0.04616 PTO balance for every hour worked and eligible to receive minimum of 7 holidays annually.
All locations offer coverage for medical, dental, vision, health care flexible spending account, dependent care flexible spending account, life insurance, disability insurance, accident insurance, adoption expense reimbursements, paid parental leave, educational assistance, 401(k) plan, stock purchase plan, discounts at Marriott properties, commuter benefits, employee assistance plan, and childcare discounts. Benefits are subject to terms and conditions, which may include rules regarding eligibility, enrollment, waiting period, contribution, benefit limits, election changes, benefit exclusions, and others.
Marriott HQ is committed to a hybrid work environment that enables associates to Be connected. Headquarters-based positions are considered hybrid, for candidates within a commuting distance to Bethesda, MD; candidates outside of commuting distance to Bethesda, MD will be considered for Remote positions.
The application deadline for this position is 28 days after the date of this posting, 4/17/2024.
Marriott International is an equal opportunity employer. We believe in hiring a diverse workforce and sustaining an inclusive, people-first culture. We are committed to non-discrimination on any protected basis, such as disability and veteran status, or any other basis covered under applicable law.
Tags: Analytics Audits Automation CISM CISSP Cloud Compliance EDR GCIH GIAC GSEC IAM IDS Incident response IPS ISO 27001 ITIL MITRE ATT&CK Monitoring NIST Risk management SANS SIEM SOAR Strategy Threat detection Threat intelligence
Perks/benefits: Career development Flex hours Flexible spending account Flex vacation Health care Insurance Medical leave Parental leave Salary bonus
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Information Security Specialist jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Senior Cyber Security Engineer jobs
- Open Principal Security Engineer jobs
- Open Manager Pentest H/F jobs
- Open Cyber Security Architect jobs
- Open Cyber Security Specialist jobs
- Open Product Security Engineer jobs
- Open Cybersecurity Analyst jobs
- Open Staff Security Engineer jobs
- Open Chief Information Security Officer jobs
- Open Senior Information Security Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open IT Security Analyst jobs
- Open Cybersecurity Consultant jobs
- Open Senior Penetration Tester jobs
- Open Consultant SOC / CERT H/F jobs
- Open Security Specialist jobs
- Open Senior Information Security Engineer jobs
- Open Sr. Security Engineer jobs
- Open Security Researcher jobs
- Open IT Security Engineer jobs
- Open Cybersecurity Specialist jobs
- Open Senior Security Architect jobs
- Open Windows-related jobs
- Open CISM-related jobs
- Open Network security-related jobs
- Open Pentesting-related jobs
- Open ISO 27001-related jobs
- Open Application security-related jobs
- Open Agile-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open Analytics-related jobs
- Open CISA-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open SaaS-related jobs
- Open APIs-related jobs
- Open Security assessment-related jobs
- Open Java-related jobs
- Open Malware-related jobs
- Open Forensics-related jobs
- Open DevOps-related jobs
- Open Security Clearance-related jobs
- Open IDS-related jobs
- Open CEH-related jobs
- Open EDR-related jobs
- Open Kubernetes-related jobs