Senior Manager, Business Information Security Partnership

Job DescriptionJOB SUMMARYThe BISP (Business Information Security Partner) Sr. Manager supports the Business Information Security Partnership (BISP) Directors within Global Information Security (GIS) organization and their assigned products and platforms keeping clear lines of communication including, but not limited to: transparency to the product and platforms on upcoming security initiatives, reporting of security risks to product and platform leader, and the GIS sub-functions. The Sr. Manager also serves as a trusted advisor and relationship owner for an assigned subsection of the business. Additionally, this role will ensure business compliance with the GIS Policy and Standards while continuously monitoring and reporting on risks and documented exceptions.In supporting the BISP Directors, the incumbent will use their experience and knowledge of information and cybersecurity as well as their process management, negotiating, influence and problem-solving skills to understand security technology lifecycles and objectives; further, to translate them into mutually beneficial business strategies for their product and platforms clients. And as relationship owner the incumbent will use their experience in and knowledge of cybersecurity, business, and risk management as well as their process management, financial acumen, negotiating, influence, and problem-solving skills to understand business and security technology lifecycles and objectives; further, to translate them into mutually beneficial business strategies and multi-year plans for their product and platform clients.CANDIDATE PROFILERequired Education and Experience:7+ years progressive and relevant information security work that includes:3+ years in cybersecurity including consulting, governance, risk, compliance, engineering, architecture, identity and access management, vulnerability management, threat intel, security operations, and/or security program management1+ years executing strategic technology plans and/or projects1+ years working with risk management frameworks and processes1+ years communicating security risks and impactsBachelor's degree in Computer Sciences, Cybersecurity, Information Security, Information Technology, Business or related field or equivalent experience/certification.Preferred Experience:Direct experience working in a Business Information Security Officer (BISO) groupExperience in risk mitigation and assessment in application to business needsSupport risk management and compliance programsDemonstrated strategy development and thought leadershipSoft-side and Technical Consulting Skills: growing and maintaining positive strategic relationships, comfortable supporting Sr. Exec Business and Technology Leadership, briefing Sr. Leadership on technical topics, anticipating and proactively addressing needs and concerns, listening/discerning.Good understanding of security best practices, including NIST CSF, NIST 800-53, ISO27001, and PCI DSSKnowledge of global regulatory standards, including GDPR, CCP, Etc.Analytical, planning, organizational, and problem-solving skillsProven ability to track, execute, and report on the goals, actions plan, and deliverables.An understanding of risk management frameworksExperience working in an Agile environmentKnowledge of DevSecOps | application securityExperience participating in security incident responsesAbility to demonstrate security experience via certifications (CISSP, CISA, CRISC, CISM, etc.) or significant career accomplishmentsGraduate/post-graduate degreeCORE WORK ACTIVITIESAct as the deputy of the BISP in terms of strategy and program management to manage and effect cybersecurity risk within sections of lines of businessOwn and drive the information security program for respective sections of lines of businessProvides thought leadership to lines of business, along with Global Technology product and platform technology roadmap strategiesProvides leadership to sections of lines of business for the implementation of the Marriott Information Security policy, procedures, and standards throughout their businessLiaise and coordinate between business teams and Global Information Security to promote the adoption of the GIS strategy and security offeringsServes as the escalation point of contact for assigned sections of lines of business; leads efforts to resolve escalated issuesProposes trade-offs within and across different solution platforms.Provides insights on impacts of the timing of solution introduction and technology retirementProactively identifies information security deficiencies or opportunities for improvement to enable information security at the global level better.Provides communication or escalation path for information security issues identified by Global Information Security or the product and platform teams.Supports risk management process by identifying risk, consulting on remediation plans, and monitoring risk remediation to closureServe as business subject matter expert for incident response and consult and coordinate on emergency actions to protect the businessDeliver security awareness training to drive risk-based decision-making, enabling business teams to achieve their strategies and goalsMonitor Key Performance Indicators (KPIs) and Key Risk Indicators (KRIs); Design and develop appropriate KPIs and KRIsDeliver program consistency and effectiveness across all sections of lines of business for approaches, processes, and procedures.Participates in reporting requirements, monthly/quarterly status meetings, and offsitesMaintaining GoalsSubmits reports in a timely manner, ensuring delivery deadlines are met.Promotes the documenting of project progress accurately.Provides input and assistance to other teams regarding projects.Managing Work, Projects, and PoliciesManages and implements work and projects as assigned.Generates and provides accurate and timely results in the form of reports, presentations, etc.Analyzes information and evaluates results to choose the best solution and solve problems.Provides timely, accurate, and detailed status reports as requested.Demonstrating and Applying Discipline KnowledgeProvides technical expertise and support to persons inside and outside of the department.Demonstrates knowledge of job-relevant issues, products, systems, and processes.Demonstrates knowledge of function-specific procedures.Keeps up-to-date technically and applies new knowledge to job.Uses computers and computer systems (including hardware and software) to enter data and/ or process information.Delivering on the Needs of Key StakeholdersUnderstands and meets the needs of key stakeholders.Develops specific goals and plans to prioritize, organize, and accomplish work.Determines priorities, schedules, plans and necessary resources to ensure completion of any projects on schedule.Collaborates with internal partners and stakeholders to support business/initiative strategiesCommunicates concepts in a clear and persuasive manner that is easy to understand.Generates and provides accurate and timely results in the form of reports, presentations, etc.Demonstrates an understanding of business prioritiesAdditional ResponsibilitiesProvides information to supervisors and co-workers by telephone, in written form, e-mail, or in person in a timely manner.Demonstrates self-confidence, energy and enthusiasm.Informs and/or updates leaders on relevant information in a timely manner.Manages time effectively and conducts activities in an organized manner.Presents ideas, expectations and information in a concise, organized manner.Uses problem solving methodology for decision making and follow up.Performs other reasonable duties as assigned by manager.Marriott International is an equal opportunity employer. We believe in hiring a diverse workforce and sustaining an inclusive, people-first culture. We are committed to non-discrimination on any protected basis, such as disability and veteran status, or any other basis covered under applicable law.About the TeamMarriott International is the world's largest hotel company, with more brands, more hotels and more opportunities for associates to grow and succeed.Bewhere you can do your best work,beginyour purpose,belongto an amazing global team, andbecomethe best version of you.#J-18808-Ljbffr

by Jobble