
Manager - Information Security - Vulnerability (Containers)

2 months ago


Carson City, United States Marriott Full time

Carson City, Nevada

Schedule: Full-Time

Located Remotely? Y

Relocation? N

Position Type: Management

JOB SUMMARY

The Manager, Vulnerability Management functions as a technical expert in the areas of vulnerability scanning and remediation tracking focused on vulnerabilities within containers and containerized applications. The role will be responsible for identifying vulnerabilities through vulnerability scanning, and ensuring remediation through assessment and reporting. The role will also design, roll out and maintain the evaluation process, identify areas for process improvement to assure the inclusion of appropriate elements of quality and compliance with security policy and regulations. The role will provide assistance with enterprise vulnerability scanning and will be able to create and manage integrated assessments.

This role is for an individual contributor who can monitor and assess vulnerability scanning data, prioritize and address vulnerabilities within containers involving collaboration among development, operations and security teams. It requires the ability to communicate with technical and non-technical stakeholders, relay the importance of the vulnerability management activities, the risks presented by findings, and potential remediation actions. This role requires a working knowledge of security and network protocols, system and network administration, and configuration management.

CANDIDATE PROFILE

Education and Experience

Required:

  • Bachelor’s degree in Computer Sciences or related field or equivalent experience/certification

  • 5+ years of information security experience that also includes background and knowledge of general security concepts such as defense in-depth, least privilege, etc.

  • 2+ years’ experience with:

    • Vulnerability scanning and assessment using Tenable.io.

    • Containerization technologies in cloud environments with a focus on vulnerability management and remediation.
    • Vulnerability assessment and reporting including comprehensive understanding of Vulnerability Management methodologies and procedures, threat assessment, and remediation management.

    • Managing or using enterprise vulnerability assessment technologies, including Tenable.io, Tenable Security Center, or similar vulnerability solutions, is required.

Preferred:

  • Experience with using and configuring Aqua Security

  • Working knowledge of container security concepts, threats, and mitigations

  • Current information security certification, including Certified Information Systems Security Professional (CISSP), GIAC certification, or Certified Information Security Manager (CISM).

  • Technical leadership experience in both sourced and contractor environments.

  • Experience managing or operating enterprise vulnerability management in a large commercial enterprise.

  • Experience working in a multi-cloud enterprise environment.

  • Ability to understand and manipulate large data sets to provide analysis and reporting.

  • Experience working on medium to large projects involving multiple teams in a technical lead role within an enterprise environment.

  • Experience with managing technical aspects of various controls frameworks, such as NIST Security and Privacy Controls and PCI-DSS.

  • Familiarity with attack and exploitation techniques involving operating systems, applications, and devices commonly seen in an enterprise environment.

  • Excellent communication skills and problem solving ability.

  • Demonstrated ability to work independently and with others.

  • Technical infrastructure operations, administration, or engineering background.

CORE WORK ACTIVITIES

  • Identify, prioritize, and drive remediation of vulnerabilities across our containerized infrastructure

  • Provide technical expertise to vulnerability scanning and assessment on containers and containerized applications.
  • Develop and implement strategies for remediating vulnerabilities in containerized assets

  • Collaborate with DevOps and IT teams to drive vulnerability remediation

  • Support the development and implementation of strategies to enhance and mature the Vulnerability Management processes in containers and containerized applications.

  • Provide technical leadership to the information vulnerability management process, including developing and managing remediation activities.

  • Identify, triage, and prioritize vulnerabilities and associated remediation and mitigation activity using multiple sources of vulnerability, threat, and asset data.

  • Develop remediation and mitigation guidance to include vendor-supplied remediations, mitigating actions to reduce risk, and actions to address vulnerabilities within containers for which complete remediation does not exist, on both individual assets and on multi-asset solutions and environments.

  • Use internal solutions to report on open vulnerabilities, remediation progress, remediation compliance, and vulnerability metrics for use by technical, management, and executive stakeholders.

  • Perform planned and ad-hoc vulnerability scanning, determine remediation options and track remediation to completion.

  • Evaluate and test hardware, firmware and software for possible impact on system security, and the investigation and resolution of security risk and incidents.

  • Assist in the direction of third-party vendors' activities to include prioritizing work, developing processes to govern such activities, and reporting on the status, type, and effectiveness of those activities.

  • Create, maintain, and mature vulnerability management processes and associated documentation.

  • Maintain documentation repositories related to vulnerability management for use by internal staff and technical stakeholders

  • Work proactively with IT Infrastructure partners with respect to strategic and tactical plans for information security.
  • Educates internal and external users of security technologies to continually improve the knowledge and skill-base of the organization on how best to manage security configuration, patch management and vulnerability management within the infrastructure services.

  • Participates in the evaluation and selection of security services products.

  • Promotes the benefits of security services to the organization and educates the team on security concepts.

Technical Leadership

  • Trains and/or mentors other team members, and peers as appropriate

  • Provides financial input on department or project budgets, capital expenditures or other cost/resource estimates as requested

  • Identifies opportunities to enhance the service delivery processes

IT Governance

  • Follows all defined IT standards and processes (i.e. IT Governance, SM&G, Architecture, etc.), and provides input for improvements to the appropriate process owners as needed

  • Maintains a proper balance between business and operational risk

  • Follows the defined project management standards and processes

Salary ranges:

  • California Applicants Only: The salary range for this position is $83,550 to $178,603 annually.

  • Colorado Applicants Only: The salary range for this position is $83,550 to $162,366 annually.

  • Hawaii Applicants Only: The salary range for this position is $101,096 to $178,603 annually.

  • New York Applicants Only: The salary range for this position is $83,550 to $178,603 annually.

  • Washington Applicants Only: The salary range for this position is $83,550 to $178,603 annually.

In addition to the annual salary, the position will be eligible to receive an annual bonus. Employees will accrue 0.04616 PTO balance for every hour worked and are eligible to receive a minimum of 7 holidays annually.
All locations offer coverage for medical, dental, vision, health care flexible spending account, dependent care flexible spending account, life insurance, disability insurance, accident insurance, adoption expense reimbursements, paid parental leave, educational assistance, 401(k) plan, stock purchase plan, discounts at Marriott properties, commuter benefits, employee assistance plan, and childcare discounts. Benefits are subject to terms and conditions, which may include rules regarding eligibility, enrollment, waiting period, contribution, benefit limits, election changes, benefit exclusions, and others.

Marriott HQ is committed to a hybrid work environment that enables associates to Be connected. Headquarters-based positions are considered hybrid, for candidates within a commuting distance to Bethesda, MD; candidates outside of commuting distance to Bethesda, MD will be considered for Remote positions.

The application deadline for this position is 28 days after the date of this posting, June 17, 2024.

Marriott International is an equal opportunity employer. We believe in hiring a diverse workforce and sustaining an inclusive, people-first culture. We are committed to non-discrimination on any protected basis, such as disability and veteran status, or any other basis covered under applicable law.

Marriott International is the world’s largest hotel company, with more brands, more hotels and more opportunities for associates to grow and succeed.

Be where you can do your best work, begin your purpose, belong to an amazing global team, and become the best version of you.
