Marriott International

Parent Category: Job Listings - Public Domain Listings Category: Security Engineers Published: Thursday, 16 July 2020
NOTE: The following job description was extracted from public domain and published here as a value added service to BizLINKS Resources members. We are currently not a direct vendor to the above organisation and would be interested to work with the above through a internal organisation referral
 Employer Referral

Senior Information Security Analyst, Vulnerability at Marriott International 

Posting Date Jun 07, 2020 Job Number 20030620 Job Category Information Technology Location Singapore Regional Office, 2 Harbourfront Place #06-08, Singapore, Singapore, Singapore VIEW ON MAP Brand Corporate Schedule Full-time Relocation? No Position Type Management Start Your Journey With Us Marriott International is the world’s largest hotel company, with more brands, more hotels and more opportunities for associates to grow and succeed. We believe a great career is a journey of discovery and exploration. So, we ask, where will your journey take you? Job Summary Contributes to workgroups and/or functions as a technical expert. Assesses and reports on vulnerabilities and remediation efforts across the enterprise. Reviews and documents internal systems review activities. Contributes to designs and roll out of evaluation and improvement processes to assure the inclusion of appropriate elements of quality and compliance with security policy and regulations. Supports the definition and implementation of the Information Vulnerability Management (IVM) Program through the identification and analysis of known and newly found vulnerabilities to determine their operational and security impact. Address vulnerabilities found through remediation recommendations, Information Vulnerability Alerts and Information Vulnerability Bulletins. This task area requires technical knowledge in computer network theory, IT standards and protocols, as well as an understanding of the lifecycle of cyberspace threats, attack vectors, and methods of exploitation. CANDIDATE PROFILE Required Education and Experience Bachelor’s degree in Computer Sciences or related field or equivalent experience/certification 5 years of information technology experience that include experience in implementing, managing or governing security technologies, including vulnerability scanning tools (i.e. Retina, Nessus, etc.) Preferred Current information security certification, including Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA) or Certified Information Systems Security Professional (CISSP) Technical leadership experience in a sourced environment Basic Project management skills Excellent communication skills and problem solving ability Demonstrated ability to work independently and with others Ability to manage the details and compliance with standards and expectations Technical infrastructure operations, administration, or engineering background CORE WORK ACTIVITIES Contributes technical expertise to the information vulnerability management process, including support of the remediation program Identify and draft mitigation guidance for vulnerabilities with no vendor- provided remediation Establish communications with vendors for the release of newly identified vulnerabilities to ensure they understand specialized and proprietary asset requirements Analyze publicly disclosed vulnerabilities of vendor software/hardware products and develop the mitigation/remediation orders Contribute to daily, weekly, monthly and annual vulnerability metrics associated with affected and non-compliant assets Utilize tracking tools/capabilities in a vulnerability management system to review manually uploaded and automated information to report vulnerability mitigation and remediation progress Identify, analyze, and develop mitigation or remediation actions for system and network vulnerabilities Assist with the prioritization of newly identified software/hardware vulnerabilities based upon severity, potential operational impact, exploitation, and other factors to assess risk to Marriott assets Conduct open source research to identify and analyze known and unknown vulnerabilities Analyze known issues with vendor provided fixes and contact the appropriate vendor for a defined and attainable solution Perform planned and ad-hoc infrastructure vulnerability scanning, determine remediation options and track remediation to completion. Evaluate and test hardware, firmware and software for possible impact on system security, and the investigation and resolution of security risk and incidents. Assist with vulnerability exceptions. Initiate and evaluate vulnerability scans for operational readiness and validate if vulnerabilities are false positives based on the Operating system and/or and application configuration. Maintain process documentation for Patch Management. Assess, maintain, and distribute security patch deployment ratings for Microsoft, Linux, Unix, and HPUX patch releases. Works with IT Infrastructure partners regarding major system changes to ensure information security standards are addressed early in a project’s life and incorporated into the resulting program Educates internal and external users of security technologies to continually improve the knowledge and skill-base of the organization on how best to operate and support the infrastructure services Participates in the evaluation and selection of security services products Supports governance based on best practices and ensures proper alignment to projects and major initiatives Conducts analysis of the current environment to detect critical deficiencies and recommends solutions for improvement Conducts analysis of technology industry and market trends to determine their potential impact on the infrastructure architecture Promotes the benefits of security services to the organization and educates the team on security concepts Identifies opportunities to enhance the service delivery processes IT Governance Follows all defined IT standards and processes (i.e. IT Governance, SM&G, Architecture, etc.), and provides input for improvements to the appropriate process owners as needed Maintains a proper balance between business and operational risk Follows the defined project management standards and processes Marriott International is an equal opportunity employer committed to hiring a diverse workforce and sustaining an inclusive culture. Marriott International does not discriminate on the basis of disability, veteran status or any other basis protected under federal, state or local laws. Show more

to BizLINKS Resources

via BizLINKS Resources
Hits: 309
Country: Singapore
Employment Type: Full time
Salary: Open