Senior Manager - Network Compliance

at Marriott in Springfield, Illinois, United States

Job Description

Job Number 24065201

Job Category Information Technology

Location Marriott International HQ, 7750 Wisconsin Avenue, Bethesda, Maryland, United States

Schedule Full-Time

Located Remotely? Y

Relocation? N

Position Type Management

JOB SUMMARY:

The Senior Manager Network Compliance will be responsible for executing a successful network compliance program that adheres to the highest industry standards. To be successful in this role, the Sr Manager Network Compliance should have significant experience in a technical role within a network and security engineering organization. They should have in-depth knowledge of network and security compliance and risk management frameworks. Engineering knowledge on LAN, WAN and Cloud networks which support Property network, Data Center & Cloud and Corporate Network will be plus. As part of a high performing team of network technologists, the Sr Manager Network Compliance engages in technical engineer’s workgroups and involve in making decisions on complex and high-risk issues, performs research, analysis, design, creation, and implementation of infrastructure systems to meet current and future Compliance requirements. This role is accountable for establishing cross team relationships and partnering with all business disciplines, other teams, outsourcing vendors, and external suppliers to define and implement the Network Compliance roadmap.

This position will also engage to define and support service delivery and operational support standards for our Corporate, Property and Data Center and Cloud networks, partner with the global technology peer teams to meet service level requirements and resolve service delivery issues across the portfolio.

CANDIDATE PROFILE

Qualifications

+ Bachelor’s degree in Engineering, Computer Science, or related technical field experience/certification

+ 7+ years’ experience as a Network Engineer with 4 or greater years in a hands-on role that implements engineering standards, documenting engineering designs, and participating in project cutovers including:

+ 4 years’ experience in a Network Engineering role that include:

+ Creating network configurations complying to Global Security and Compliance Standards.

+ Vulnerability Management experience

+ experience working with both internal and external audit stakeholders

+ Hardware EOL/EOS Management and Prepare the mitigation plans.

+ Implementation of WAN, LAN networks with a focus on mission-critical, highly available, customer-facing applications and services

+ Technical expertise in common routing protocols (e.g., OSPF, BGP), IPv6, VPN, etc. across a global WAN backbones and distributed datacenter platforms

+ Technical knowledge in ancillary network areas like DNS, NTP, and Network Tools & Management as well as advanced networking disciplines of software-defined networks (SDN), spine & leaf designs, load balancing, and security design (next-gen firewalls, intrusion detection, and prevention)

+ Experience with designing and engineering Cloud Network and familiar with AWS, Azure, Alicloud, GCP

+ Designing and executing a successful network compliance program that adheres to the highest industry standards.

+ In-depth knowledge of security compliance and risk management frameworks, such as NIST 800-53, CIS CSC, ISO 27001, and PCI DSS

+ Hands on experience in Routers and Switches specifically on Configuration Compliance.

+ Ability to work non-standard hours during change implementations and service restoration efforts

Other Skills and Attributes

+ Advanced Degree (e.g., MS, PhD) in Computer Science or other technical discipline or MBA, preferably with a focus on technology

+ Certification in network and/or security technologies (e.g., CCIE, CCNP, CISSP, etc.)

+ CCIE is a big plus.

+ Strong Knowledge on Network and Security Compliance Standards on both On prem and Cloud Components.

+ Proven track record of driving transformation in network technologies, tools, and processes through a data-driven continuous improvement methodology

+ Demonstrated experience in improving security, stability, reliability, performance, and agility of complex enterprise networks.

+ Experience working under MPLS and BGP routing protocols.

+ Experience working with load balancing technologies (F5, NLB,ELB)

+ Experience working with network tools.

+ Strong knowledge on Network Automation and CICD Pipelines

+ Experience configuring and troubleshooting firewall technologies (Checkpoint,Paloalto, Cisco)

+ Experience doing packet capture and analysis.

+ Understanding of legacy networking routing protocols and the interaction with cloud interconnects

+ Demonstrated experience in delivering written documents detailing network solutions and diagrams.

+ Proven experience leading highly effective technical teams through major technology and organizational change.

+ Experience in researching emerging technologies and trends, standards, and products and synthesizing into clear technology roadmaps and strategies.

+ Proven experience driving operational performance through defining and enforcing Recovery Time Objective (RTO) and Recovery Point Objective (RPO) Service Level Agreements (SLAs)

+ Strong influencing skills and an ability to overcome barriers while driving change.

+ Excellent verbal and written communication skills for a wide range of audiences

+ Strong inter-personal communication skills, including the ability to collaborate with other non-Network technical teams and non-technical customers

+ Strong attention to detail with an ability to operate effectively across multiple priorities

CORE WORK ACTIVITIES:

Network Compliance & Vulnerability Management

+ Develop, enhance, and operationalize network compliance, vulnerability Management, and related security policies, processes, and controls to comply with policies, regulations, and standards from Global information security perspective.

+ Monitor and assess the effectiveness of network compliance, vulnerability, and related security controls and work closely with Information technology, product towers and business stakeholders on compliance validation, gap analyses, and process improvement.

+ Perform compliance controls assessments of network infrastructure – assess security architecture, adherence to the requirements, conduct periodic scanning and results validation.

+ Document controls gap analysis and risk assessment of the critical network infrastructure.

+ Manage and administer processes and tools that enable the organization to identify, network threats, vulnerability, and track risks and compliance exceptions.

+ Lead, participate or perform various device classification, device discovery, threat prevention and network risk management project and initiatives.

+ Identify and implement network vulnerability detection and reporting tools and drive the team to remediate them with in the risk mitigations time lines.

+ Participate and lead any regulatory audits requirement definition, standard documentation and publish, evidence collection.

+ Review & update internal network compliance policy, procedure, standards on routine basis.

+ Communicate key policy updates to relevant stakeholders, identify potential impacts, and provide training and guidance.

Managing Projects and Priorities

+ Champions leaders’ vision for product and service delivery.

+ Thinks creatively and practically to develop, execute, and implement new project plans.

+ Generates and provides accurate and timely results in the form of reports, presentations, etc.

+ Plans, develops, implements, and evaluates the quality of operations.

Delivering on the Needs of Key Stakeholders

+ Understands and meets the needs of key stakeholders.

+ Communicates concepts in a clear and persuasive manner that is eas