Manager – Security Architecture And Strategy (Contractual)

JOB SUMMARY: 

The Manager, Security Architecture and Strategy, is a key role in continent security aspects responsible for assuring all functions of the Security Engagement Review (SER) Process are performed in a timely manner. The objective for this role entails being as a member of the Security Architecture and Strategy (SA) team as a coordinator role working within the SA team assigning engagements, verifying the SERs are moving forward, identifying challenges in completion of these assessments and removing obstacles to the completion. The coordinator will also work with teams outside SA to gather the required information for the completion of the SER, guide these teams during the process, and serve as the point of contact for any issues or questions that arise. The role will have a direct reporting line to the Director, Security Architect, APEC. 

Other tasks which will make this role successful would include creating and giving presentations on the SER process and organization, including senior executive level associates, managing small projects, and a level of comfort in explaining basic security concepts. Strong organizational and interpersonal skills are required, as well as a good understanding of the various requirements in the region as drivers to security design and execution.  

CANDIDATE PROFILE 

Education and Experience Required:

Education and Experience 

• Bachelor’s degree in Computer Science, Information Technology, Information Security, Cybersecurity or related field
• 3+ years IT/ information security work experience, preferably in a large organization
• Experience in reviewing Security Architectures and explaining security risks/gaps as well as mitigation strategies is highly desirable
• Professional certifications related to security assessment, such as CISA, CRISC, PCI ISA, ISO/IEC 27001 Lead Auditor, etc.
• The coordinator must have strong interpersonal communication skills, as well as organizational skills. Project management experience is also desirable.
• Fluent in English, both spoken and written. As the role will liaise with different backgrounds in Asia Pacific, proficiency in Chinese and additional language skills will be an advantage.

Preferred:

• Strong working knowledge of IT service management (e.g., ITIL-related disciplines)
• Ability to communicate Security Requirements for areas including but not limited to: Cloud Computing, Application Development, IAM, Cryptography, and Infrastructure design and standards to a diverse audience.
• Ability to present the process to all levels of audience, be comfortable answering questions around the process, gather and document feedback from these presentations and bring that back to the Security Architect for future enhancements.
• Experience in creating presentations in PowerPoint, and comfort in presenting to C level executives.
• Ability to multitask and prioritize projects to provide excellent customer satisfaction results.
• Coordination of team members to assure no Security Engagement Process related tasks remain unfinished or abandoned.
• Ability to conduct independent research on possible issues with the process.
• Strong abilities and experience in documentation and written communication for diverse audiences
• Experience working with diverse and distributed global teams.
• Basic knowledge of technologies such as, but not limited to: SaaS services, Application Design, Network Infrastructure, Operating Systems, Identity and Access Management.
• Strong negotiating, influencing and problem resolution skills.
• Ability to effectively prioritize and execute tasks in a high-pressure environment.
• Ability to assess customer/client needs, creatively approach solutions, decide and influence appropriate courses of action independently.
• Knowledge of global and regional regulatory requirements, standards and best practices e.g. GDPR, PCI, CBDT, NIST, OWASP, etc.

CORE WORK ACTIVITIES 

• Contributes to, evaluates, and supports the documentation, and validation processes necessary to assure that associates, information technology systems and business processes meet the organization’s information assurance, security, and privacy requirements. 
• Consults with customers to gather and evaluate functional requirements and provides these to the Security Architect team.
• Provides sound advice and recommendations to leadership and staff on a variety of relevant topics within the pertinent subject domain
• Works with the Security Architect Analysts to monitor ongoing project activities, intake of new projects and monitoring of the Security Engagement Process to meet team objectives for performance.

Managing Projects and Priorities

• Develops specific goals and plans to prioritize, organize, and accomplish work.
• Champions leaders’ vision for product and service delivery.
• Makes and executes the necessary decisions to keep moving forward toward achievement of goals.
• Provides direction and assistance to other teams regarding projects.
• Determines priorities, schedules, plans and necessary resources to promote completion of any projects on schedule.
• Analyzes information and evaluates results to choose the best solution and solve problems.
• Thinks creatively and practically to develop, execute and implement new project plans.
• Generates and provides accurate and timely results in the form of reports, presentations, etc.
• Plans, develops, implements, and evaluates the quality of operations.

Delivering on the Needs of Key Stakeholders

• Understands and meets the needs of key stakeholders.
• Communicates concepts in a clear and persuasive manner that is easy to understand.
• Demonstrates an understanding of business priorities.
• Supports the achievement of team and process performance goals.

Providing Process Guidance and Consultation

• Provides recommendations to improve the effectiveness of processes and programs.
• Demonstrates advanced knowledge of job-relevant issues, products, systems, and processes.
• Demonstrates advanced knowledge of function-specific procedures.
• Applies knowledge/judgment to achieve business goals.
• Foresees, identifies and resolves problems.
• Performs other reasonable duties as required for this position.

Additional Functions

• Provides answers to general questions and queries around Security Engagement Review (SER) process and other related queries.
• Partners with Data Governance, Vendor Risk Assessment teams throughout the SER process

Additional Responsibilities

• Informs, updates, and provides information to supervisors, co-workers, and subordinates by telephone, in written form, e-mail, or in person in a timely manner.
• Attends and participates in all relevant meetings.
• Presents ideas, expectations and information in a concise, organized manner.
• Uses problem solving methodology for decision making and follow up.
• Maintains positive working relations with internal customers and department managers.
• Manages time effectively and conducts activities in an organized manner.
• Performs other reasonable duties as assigned by manager.

At Marriott International, we are dedicated to being an equal opportunity employer, welcoming all and providing access to opportunity. We actively foster an environment where the unique backgrounds of our associates are valued and celebrated. Our greatest strength lies in the rich blend of culture, talent, and experiences of our associates.  We are committed to non-discrimination on any protected basis, including disability, veteran status, or other basis protected by applicable law. 

Marriott International is the world’s largest hotel company, with more brands, more hotels and more opportunities for associates to grow and succeed. Be where you can do your best work,​ begin your purpose, belong to an amazing global​ team, and become the best version of you.