Start Your Journey With Us
Company is the world’s largest hotel company, with more brands, more hotels and more opportunities for associates to grow and succeed. We believe a great career is a journey of discovery and exploration. So, we ask, where will your journey take you?
Lead and oversee teams responsible for security risk management and compliance, Infrastructure Security Governance, and Security Program Management. The leader will define and drive the strategy for governance, risk management and compliance programs. Oversee performance of day-to-day operations, facilitate escalation of key issues to senior IT and corporate management levels, and manage continuous improvement and cost reduction opportunities.
Education and Experience
- Bachelor’s degree in Computer Sciences or related field or equivalent experience/certification
- 12+ years of information technology leadership experience
- Experience implementing and operating programs covering the information security risk, compliance and governance space.
- Working knowledge of PCI, ISO 2700, GDPR and other standards and regulations that impact information security.
- Direct management of cross-functional, sourced, or matrixed teams.
- 5+ years of experience leading an information security organization.
- Current information security certification, including Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA) or Certified Information Systems Security Professional (CISSP)
- Demonstrated success leading large-scale initiatives/transformations
- Knowledge of information security within an infrastructure environment
- ITIL v3 Enterprise experience
- Strong negotiating, influencing and problem resolution skills
- Proven ability to effectively prioritize and execute tasks in a high-pressure environment
- Knowledge of business environment, service requirements and hospitality culture
- Ability to translate information security objectives into mutually beneficial business strategies for the client organizations
- Demonstrated ability to assess customer/client needs, creatively approach solutions, decide and influence appropriate courses of action
- Deep understanding of IT financial structures and ability to manage to corporate financial practices and goals, including drivers of process cost
- Graduate/post graduate degree
CORE WORK ACTIVITIES
- Provides advice on trade-offs required to manage the different levels of risk tolerance and risk exposure across the organization, balanced with risk investment
- Provides leadership, oversight, governance and strategic direction related to the information security services that are required to enable the successful delivery of IT services.
- Sponsors the efforts on researching, designing, and implementing security policies that are standards based, high performance, highly available and secure in delivering the required business functionality
- Leads the evaluation and selection of information security service products.
- Implements governance based on best practices and validates alignment to projects and major initiatives
- Reviews analysis of the current environment to detect critical deficiencies and recommend solutions for improvement.
- Reviews analysis of technology industry and market trends to determine their potential impact on information security
- Validates that information security strategy and planning is aligned with business strategy and goals
- Promotes the benefits of information security services to the organization and educates the organization on security concepts
- Develops and maintains information security strategy documentation and plans.
Managing processes and tools
- Leads the resolution of critical, cross-organizational security issues
- Establishes current and future security requirements and validates compliance
- Defines and drives implementation of security standards in conjunction with IT partners
- Works with direct reports to facilitate consistency of information security programs
- Validates and implements process/changes
- Monitors projects for adherence to defined security processes
- Communicates to IT leaders opportunities to enhance IT related and corporate standards and policies where necessary
- Communicates important security program changes that affect service provider and/or Marriott operations
Supports the IT Organization
- Participates in the creation and maintenance of IT’s business strategy and planning
- Supports and follows defined IT Governance decision rights, standards and practices
- Emphasizes accuracy and effectiveness of estimating and planning management with team
- Assists all IT teams with the preparation and monitoring of business/discipline and continent IT budgets
Cultivate a High-Performing Team
- Create a compelling vision, clear direction and strategy for the team
- Generate enthusiasm and understanding of the information security vision and how each role contributes to the achievement of that vision
- Ensure capabilities are developed and resources are aligned to support the strategy
- Attract, motivate, develop and retain highly skilled leaders; champion and model leadership development
- Create and sustain a work environment that drives associate engagement and enables business success
- Ensure appropriate processes are in place and executed to drive collaboration and alignment within the team and with the broader IT organization
- Serve as a role model and ensure all information security leaders are visible and effective partners with IT counterparts, broader Marriott stakeholders, and service providers