Sr. Manager – Vulnerability Management, Data Analytics And Reporting

Job Number 23138589
Job Category Information Technology
Location Marriott International HQ, 7750 Wisconsin Avenue, Bethesda, Maryland, United States
Schedule Full-Time
Located Remotely? Y
Relocation? N
Position Type Management

The Marriott Enterprise Vulnerability Management group oversees attack surface reduction across a wide range of corporate, cloud, data center, and property locations. Our team members are passionate about protecting our data, systems, and service delivery functions across the globe against a broad range of adversaries.

The Senior Manager, Vulnerability Management, Data Analytics and Reporting functions as an individual technical expert as part of a team that provides support to vulnerability management and remediation teams within the Marriott environment. The role ensures the effective use and distribution of vulnerability related data through the design of reporting strategies and the creation of reporting artifacts. It requires the ability to analyze enterprise vulnerability management data and identify trends, problems, and areas of improvement. The successful candidate will have a working knowledge of the data lifecycle, including technical acquisition techniques, data cleanup, quality assessment, normalization, transformation, verification, and reporting. They will provide meaningful insight based on the data that will drive future vulnerability management efforts and provide recommendations to decision makers. The role will work with other data reporting professionals in information security and global technology to create consolidated reporting across these areas and to provide specialized reporting to meet specific objectives.

CANDIDATE PROFILE

Required Education and Experience:

• Use of data reporting and data visualization tools to communicate key decision making information to stakeholders, including Power BI, Excel, and PowerPoint
• Analysis and reporting of information security data, preferably around vulnerability management
• 4 years of experience in both of the following areas:
• 2 years of experience with data acquisition techniques to collect data from remote data sources
• 7 years of experience in data analysis, visualization, and developing data-drive solutions
• Bachelor’s degree in Information Assurance, Data Science, Statistics, Computer Science, or a related field, or the equivalent combination of experience and certifications

Preferred Experience:

• Experience with enterprise vulnerability reporting tools, such as Tenable.io or Kenna, and experience with vulnerability workflow solutions, such as ServiceNow and Jira
• Experience managing medium to large projects involving multiple teams in a technical lead role
• Strong analytical and problem solving skills
• Experience working in a scaled agile environment
• Proven experience with data enrichment involving SEIM solutions, CMDB, and other sources of asset, event, and state data
• Familiarity with attack and exploitation techniques involving operating systems, applications, and devices commonly seen in an enterprise environment
• Working knowledge of programming techniques with experience in automation, API access, and data management, preferably with Python
• Experience applying statistical analysis to large data sets
• Proficiency with interacting with API data sources
• Firm understanding of vulnerability management concepts and principles

Expected Contributions

• Guide and develop team members in data analysis and reporting skills
• Analyze data to assist with identifying risk and prioritizing remediation efforts
• Assist others with developing reporting and providing analysis around enterprise vulnerability data
• Provide reporting and analysis to demonstrate program effectiveness, drive improvements in maturity and stakeholder awareness, and develop strategic improvements.
• Communicate complex information to stakeholders in a concise and understandable manner
• Develop insights that lead to short- and long-term improvements in the enterprise vulnerability management program
• Ensure that organization core values and culture are embedded into all aspects of the position’s work.
• Work with key stakeholders throughout the organization to build relationships based on an understanding of stakeholder needs and actions consistent with the company’s service standards
• Participate in the development of ongoing vulnerability data management strategies
• Use organizational assessment, reporting, workflow, and communications solutions to fulfill responsibilities of the role and of the team
• Analyze and report on enterprise vulnerability management data from multiple sources in various formats as standalone or merged data sets
• Improve reporting maturity through automation, consolidation, and other techniques as necessary
• Work with third-party providers to assess, report, remediate, and measure the effectiveness of team objectives

Maintaining Goals

• Provides input and assistance to other teams regarding projects.
• Promotes the documenting of project progress accurately.
• Submits reports in a timely manner, ensuring delivery deadlines are met.

Managing Work, Projects, and Policies

• Provides timely, accurate, and detailed status reports as requested.
• Generates and provides accurate and timely results in the form of reports, presentations, etc.
• Analyzes information and evaluates results to choose the best solution and solve problems.
• Manages and implements work and projects as assigned.

Demonstrating and Applying Discipline Knowledge

• Provides technical expertise and support to persons inside and outside of the department.
• Uses computers and computer systems (including hardware and software) to enter data and/ or process information.
• Demonstrates knowledge of job-relevant issues, products, systems, and processes.
• Demonstrates knowledge of function-specific procedures.
• Keeps up-to-date technically and applies new knowledge to job.

Delivering on the Needs of Key Stakeholders

• Develops specific goals and plans to prioritize, organize, and accomplish work.
• Collaborates with internal partners and stakeholders to support business/initiative strategies
• Demonstrates an understanding of business priorities
• Determines priorities, schedules, plans and necessary resources to ensure completion of any projects on schedule.
• Generates and provides accurate and timely results in the form of reports, presentations, etc.
• Communicates concepts in a clear and persuasive manner that is easy to understand.
• Understands and meets the needs of key stakeholders.

Additional Responsibilities

• Presents ideas, expectations and information in a concise, organized manner.
• Uses problem solving methodology for decision making and follow up.
• Demonstrates self-confidence, energy and enthusiasm.
• Performs other reasonable duties as assigned by manager.
• Informs and/or updates leaders on relevant information in a timely manner.
• Manages time effectively and conducts activities in an organized manner.
• Provides information to supervisors and co-workers by telephone, in written form, e-mail, or in person in a timely manner.

California Applicants Only: The salary range for this position is $93,713.00 to $204,107.00 annually.

Colorado Applicants Only: The salary range for this position is $93,713.00 to $185,551.00 annually.

New York City & Westchester County, NY Applicants Only: The salary range for this position is $113,393.00 to $204,107.00 annually.

Washington Applicants Only: The salary range for this position is $93,713.00 to $204,107.00 annually. In addition to the annual salary, the position will be eligible to receive an annual bonus. Employees will accrue 0.04616 PTO balance for every hour worked and eligible to receive minimum of 7 holidays annually.

All locations offer coverage for medical, dental, vision, health care flexible spending account, dependent care flexible spending account, life insurance, disability insurance, accident insurance, adoption expense reimbursements, paid parental leave, educational assistance, 401(k) plan, stock purchase plan, discounts at Marriott properties, commuter benefits, employee assistance plan, and childcare discounts. Benefits are subject to terms and conditions, which may include rules regarding eligibility, enrollment, waiting period, contribution, benefit limits, election changes, benefit exclusions, and others.

Marriott International is an equal opportunity employer. We believe in hiring a diverse workforce and sustaining an inclusive, people-first culture. We are committed to non-discrimination on any protected basis, such as disability and veteran status, or any other basis covered under applicable law. Marriott International considers for employment qualified applicants with criminal histories consistent with applicable federal, state and local law.

Marriott International is the world’s largest hotel company, with more brands, more hotels and more opportunities for associates to grow and succeed. Be where you can do your best work, begin your purpose, belong to an amazing global team, and become the best version of you.