Job Summary
The Director, Security Operations Engineering is primarily responsible for the leadership and technical direction of operations, supporting the Information Security Engineering Operations team. This person will provide management direction and technical leadership as well as manage relationships with various internal and external 3rd party hosting providers responsible for Information Security Engineering Operations team. In addition, this person serves as an escalation point for technical problem analysis and resolution related to Information Security Engineering Operations Team Operations. It requires managerial, hands-on technical work and a strong understanding of information security challenges, domains, concepts, and principles.
Expected Contributions
- Provides leadership and day-to-day management of operations/activities supporting Information Security Engineering Operations team tools and functions, including but not limited to:
- Endpoint Security - Antivirus, anti-malware, device encryption, and device secure management
- Web Security - Protect all networks/devices from Internet (web) based threats
- E-mail Security - Protect e-mail accounts from viruses, phishing, and social engineering attacks
- Account and Authentication Security - Account, password, and access security for 100k+ accounts across 200+ unique applications. Includes single sign-on and multi-factor authentication
- Supports the Technical Architects in performing research, analysis, and design of enterprise security solutions to meet current and future governance and compliance requirements
- Supports the ability to direct the team to limit or contain the impact of a potential cybersecurity event
- Directs efforts to implement security solutions from the design specifications, product installation, maintenance and performance tuning
- Maintains knowledge of external security principles and assures that existing environment retains compliance with up-to-date security standards and principles
- Proactively communicates with internal security/customers/partners on security related issues
- Manages support of existing technologies/systems within Information Security Engineering Operations team
- May plan and manage a technical team of 4-6 associates within a security operations/infrastructure-based project
- Provides financial input to IT Management as requested
- May manage a subset of a project budget
- Manage the development and maintenance of security process activities which includes security operational readiness, deployment, and the continued protection of Servers, PCs, Middleware, Database, Unix and other IT systems
- Is a member of the MVW Risk advisory group providing guidance and recommendations
- Participates in MVW’s Security Response Committee on issues and efforts related to network and systems security
- Responsible for managing the team that supports the internal Online Systems Catalog and incident ticket requests relating to Information and Infrastructure Protection
Candidate Profile
Education
- Bachelor’s degree in computer science, Information Technology, or related discipline or equivalent work experience.
- Master’s degree in information security or related discipline preferred.
Certifications Preferred
- Technical security and/or other security risk management certification (for example: CISSP, CRISC, CISM, CCSP) preferred.
Experience
- At least 10 years progressive experience in relevant Information Security discipline.
- At least 7 years of experience in Information Security.
- At least 3 years of experience in a management role or a similar position.
Skills and Attributes
- Ability to think strategically and tactically, with effective decision-making skills.
- Strong organization skills with demonstrable planning and time management capabilities.
- Have experience driving projects and owning problems within a security environment.
- Ability to communicate complex messages in a simple, clear, and concise manner to the various IT and non-IT teams
- Strong organization skills with demonstrable planning and time management capabilities
- Have solid understanding of the main tenets of information security, data privacy, & risk
- Successful management and support of technologies for both in-house and 3rd party security systems
- Ability to analyze, absorb, advocate, and apply rapidly changing technologies and apply them as part of security solutions to business requirements
- Ability to establish and maintain a high level of peer trust and confidence
- Network knowledge - firewalls/DMZs, routing protocols, networking capabilities
- Knowledge of multiple system environments with extensive experience in one (Windows, Linux, IIS, SQL, Apache)
Marriott Vacations Worldwide is an equal opportunity employer committed to hiring a diverse workforce and sustaining an inclusive culture.
