Sr. Manager, Insider Threat Management

JOB SUMMARY

Responsible for establishing and maintaining a framework forinsider risk response and mitigation within Marriotts Global Insider Threat Management will include response to insider incidents andcollaborating with multiple areas of the business including human resources business data owners legal physical security SOC/CIRT software development and information technology groups. The Sr. Manager will also act as a technical subject matter expert to enhance adjacent programs such as threat intelligence cybersecurity incident response risk management audit ethics etc. Tracks and manages program metrics (KPI/KRI) to ensure the advancement of the program across the enterprise while mitigating human risk to the organization.

CANDIDATE PROFILE

Education and Experience

Required:

• Bachelors degree in Computer Science Criminal Justice Psychology Sociology or related field or equivalent experience/certification
• 7 years experience in insider threat/risk information security or physical security that includes cross-functional incident response risk assessments threat mitigation and/or investigative support.
• 3 years SIEM DLP UEBA user experience
• 3 years experience with Endpoint and Detection Response platforms (ex. CrowdStrike Falcon) and root cause analysis.

Preferred:

• Current certifications including Certified Insider Threat Program Manager Certified Threat Manager Certified Information Security Manager (CISM) Certified Information Systems Auditor (CISA) or Certified Information Systems Security Professional (CISSP)
• Project management skills
• Excellent communication skills and problem-solving ability
• Demonstrated ability to work independently and with others
• Ability to manage the details and compliance with standards and expectations

CORE WORK ACTIVITIES

Insider Threat Management & Response

• Establish a framework for researching documenting and integrating assessments.
• Responsible for gathering relevant intelligence regarding attacker tactics techniques and procedures.
• Work as needed with the incident response team to triage alerts triggered by suspicious or malicious activity.
• Act as a technical subject matter expert to enhance adjacent programs such as incident response threat hunting and custom detection development.
• Develop and report on key metrics of the insider threat management program.
• Utilize the corporate Endpoint Detection and Response tool and SIEM to identify anomalous activity and potential threats to the enterprise infrastructure.
• Perform analysis of adversary tradecraft malicious code and capabilities for hunt pivoting purposes.
• Manage the analysis of artifacts to determine potential specific adversary and motives.
• Responds to crisis or urgent situations within the pertinent domain to mitigate immediate and potential threats and comply with relevant data breach laws. Uses mitigation preparedness and response and recovery approaches as needed to maximize safety and security of systems preservation of intellectual property and information security. Investigates and analyzes all relevant security and privacy response activities.
• Conducts assessments of threats and vulnerabilities determines deviations from acceptable configurations or enterprise or local policy assesses the level of risk and develops and/or recommends and operationalizes appropriate mitigation countermeasures.
• Identifies and assesses the capabilities and activities of; produces findings to help initialize or support law enforcement and counterintelligence investigations or activities.
• Analyzes threat information from multiple sources disciplines and agencies across industry and regulatory organizations.
• Synthesizes and places regulatory and intelligence information in context; draws insights about the possible implications

Maintaining Goals

• Submits reports in a timely manner ensuring delivery deadlines are met.
• Promotes the documenting of project progress accurately.
• Provides input and assistance to other teams regarding projects.

Managing Work Projects and Policies

• Manages and implements work and projects as assigned.
• Generates and provides accurate and timely results in the form of reports presentations etc.
• Analyzes information and evaluates results to choose the best solution and solve problems.
• Provides timely accurate and detailed status reports as requested.

Demonstrating and Applying Discipline Knowledge

• Provides technical expertise and support to persons inside and outside of the department.
• Demonstrates knowledge of job-relevant issues products systems and processes.
• Demonstrates knowledge of function-specific procedures.
• Keeps up-to-date technically and applies new knowledge to job.
• Uses computers and computer systems (including hardware and software) to enter data and/ or process information.

Delivering on the Needs of Key Stakeholders

• Understands and meets the needs of key stakeholders.
• Develops specific goals and plans to prioritize organize and accomplish work.
• Determines priorities schedules plans and necessary resources to ensure completion of any projects on schedule.
• Collaborates with internal partners and stakeholders to support business/initiative strategies
• Communicates concepts in a clear and persuasive manner that is easy to understand.
• Generates and provides accurate and timely results in the form of reports presentations etc.
• Demonstrates an understanding of business priorities

At Marriott International we are dedicated to being an equal opportunity employer welcoming all and providing access to opportunity. We actively foster an environment where the unique backgrounds of our associates are valued and greatest strength lies in the rich blend of culture talent and experiences of our are committed to non-discrimination on any protected basis including disability veteran status or other basis protected by applicable law.