FLEX Risk Compliance Manager
FLEX Risk Compliance Manager
Employer Active
Job Alert
You will be updated with latest job alerts via email
Share
Job Alert
You will be updated with latest job alerts via email
Job Description
Contributes to Marriott International in achieving its mission by contributing to internal and external audit engagements that analyze and evaluate new and existing information systems and applications to ensure appropriate controls exists processing is efficient and accurate. Further validates that the results follow Marriotts standards and expectations. This position works closely with Global Information Security leadership and external experts as necessary to build and maintain strong security controlspolicies and standards while ensuring ongoing compliance with all relevant regulations laws and role is expected to evaluate assurance project(s) progress and will track and report meaningful riskbased recommendations to management.
CANDIDATE PROFILE
Education and Experience
Required:
Bachelors degree in Computer Science or related field or equivalent experience/certification
5 years leading the design implementation and assessment of information security programs
2 years implementing enterprise security frameworks and processes
Preferred:
Expert understanding and experience working with some or all of these security frameworks: NIST CSF NIST 80053 NYDFS ISO27001 ISO 27002 PCI DSS.
Current information security certification including Certified Information Systems Security Professional (CISSP) PCI Internal Security Assessor(ISA) Payment Card Industry Professional (PCIP) ISO27001 Lead Auditor Certified Information Security Manager (CISM) or Certified Information Systems Auditor (CISA).
Expert level understanding of key network and system security controls. Expertise in various security technologies such as firewalls and network segmentation IDS vulnerability/application scanning and penetration testing.
Capability in interpreting and understanding vulnerability scan and penetration testing results.
Working knowledge of global regulatory standards to include GDPR within a digital business.
Demonstrated ability to apply information security policies enterprise wide.
Knowledge of IT security within an infrastructure environment.
Proven knowledge of SDLC and solid understanding of ITIL v3 Framework.
Experience in business systems and process planning.
Working knowledge of business environment service requirements and/or hospitality culture.
Strong foreign language skills particularly reading and writing.
CORE WORK ACTIVITIES
Contributes to and may lead security compliance initiatives such as SSAE 18 SOC 1 and SOC 2 ISO 27001 PCIDSS Global privacy regulations and internal security reviews of the business.
Drives the security compliance program across control frameworks leveraging internal toolsets.
Conducts audits to include controls requirements analysis gap assessments and operational reviews.
Compiles structured audits reports for review and dissemination to auditees business partners and other stakeholders.
Documents and tracks corrective and preventive actions identified during internal and external audits in support of policies and procedures.
Works with business partners to resolve corrective actions in a timely manner.
Responds to customer and regulatory requests regarding security services mechanisms and safeguards.
Advises internal teams on the implementation of security standards and controls frameworks.
Provides approved security language in contracts.
Provides assessments of routine security programs procedures and controls supporting the companys overall security strategy.
Implements appropriate security policy and requirements to meet compliance with company security controls and objectives.
Provides status reports and metrics on all policy and governance aspects to Security IT and business leadership.
Submits formal responses to customer and regulatory requests regarding security services policies controls and mechanisms.
Maintain regular communication with internal stakeholders; participates in both internal and external audit activities.
Contributes to special projects and documentation as needed; may lead projects of limited scope
Supports incident response and forensic investigations as needed.
Maintaining Goals
Submits reports in a timely manner ensuring delivery deadlines are met.
Promotes the documenting of project progress accurately.
Provides input and assistance to other teams regarding projects.
Managing Work Projects and Policies
Manages and implements work and projects as assigned.
Generates and provides accurate and timely results in the form of reports presentations etc.
Analyzes information and evaluates results to choose the best solution and solve problems.
Provides timely accurate and detailed status reports as requested.
Demonstrating and Applying Discipline Knowledge
Provides technical expertise and support to persons inside and outside of the department.
Demonstrates knowledge of jobrelevant issues products systems and processes.
Demonstrates knowledge of functionspecific procedures.
Keeps uptodate technically and applies new knowledge to job.
Uses computers and computer systems (including hardware and software) to enter data and/ or process information.
Delivering on the Needs of Key Stakeholders
Understands and meets the needs of key stakeholders.
Develops specific goals and plans to prioritize organize and accomplish work.
Determines priorities schedules plans and necessary resources to ensure completion of any projects on schedule.
Collaborates with internal partners and stakeholders to support business/initiative strategies
Communicates concepts in a clear and persuasive manner that is easy to understand.
Generates and provides accurate and timely results in the form of reports presentations etc.
Demonstrates an understanding of business priorities
Additional Responsibilities
Provides information to supervisors and coworkers by telephone in written form email or in person in a timely manner.
Demonstrates selfconfidence energy and enthusiasm.
Informs and/or updates leaders on relevant information in a timely manner.
Manages time effectively and conducts activities in an organized manner.
Presents ideas expectations and information in a concise organized manner.
Uses problem solving methodology for decision making and follow up.
Performs other reasonable duties as assigned by manager.
The pay range for this position is $44.90 to $75.53 per hour.
FLEX opportunities offer coverage for medical dental vision health care flexible spending account dependent care flexible spending account life insurance disability insurance accident insurance adoption expense reimbursements paid parental leave 401(k) plan stock purchase plan discounts at Marriott properties commuter benefits employee assistance plan and childcare discounts. Benefits are subject to terms and conditions which may include rules regarding eligibility enrollment waiting period contribution benefit limits election changes benefit exclusions and others.
Marriott HQ is committed to a hybrid work environment that enables associates to Be connected. Headquartersbased positions are considered hybrid for candidates within a commuting distance to Bethesda MD.
Marriott International is an equal opportunity believe in hiring a diverse workforce and sustaining an inclusive peoplefirst are committed to nondiscrimination onanyprotectedbasis such as disability and veteran status or any other basis covered under applicable law.
Required Experience:
Manager
Employment Type
Full-Time
