at Marriott in Springfield, Illinois, United States
Job Description
Job Number 24081565
Job Category Information Technology
Location Marriott International HQ, 7750 Wisconsin Avenue, Bethesda, Maryland, United States
Schedule Full-Time
Located Remotely? Y
Relocation? N
Position Type Management
JOB SUMMARY
Seeking a proactive manager to lead threat hunting efforts, analyzing security logs and network traffic to identify potential threats and vulnerabilities. Develop and implement custom signatures and rules, collaborating with incident responders to investigate and respond to security incidents. Stay updated on the latest threat intelligence and trends, analyzing attack patterns and conducting threat modeling to enhance detection and mitigation, Previous experience with log analysis tools and offensive security strategies required, along with strong communication skills to articulate threat hunt objectives and associated risks.
CANDIDATE PROFILE
Education and Experience
Required:
+ Bachelor’s degree in Computer Sciences or related field or equivalent experience/certification
+ 3+ years of information technology experience or related professional area.
+ 2+ years experience implementing security technologies, including Threat Intelligence Platforms, threat emulation tools, writing custom signatures and rules, network security, intrusion detection and log analysis.
+ Experience analyzing system, network, and application logging for attack techniques at all stages of the cyber kill chain.
+ Direct experience working with very large datasets and log analysis tools including but not limited to: Splunk, Python, Pandas, SQL, Hadoop, Hue.
Preferred:
+ Current information security certification, including Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA) or Certified Information Systems Security Professional (CISSP)
+ Technical leadership experience in a sourced environment
+ Project management skills
+ Technical infrastructure operations, administration, or engineering background
CORE WORK ACTIVITIES
Threat Operations
+ Proactively hunt for and identify potential threats and vulnerabilities.
+ Perform in-depth analysis of security logs, network traffic, and other data sources to identify indicators of compromise and suspicious activities.
+ Review findings from the company’s managed security validation platform for the creation of new signatures and detections.
+ Create and maintain custom signatures, rules, and alerts to enhance detection and response capabilities.
+ Participate in
+ Develop and implement threat hunting methodologies and techniques to effectively detect and mitigate advanced cyber threats.
+ Collaborate with incident responders, security analysts, and other stakeholders to investigate and respond to security incidents.
+ Stay up to date with the latest threat intelligence and security trends to continuously enhance threat hunting capabilities.
+ Recognize, research, and analyze various threat actor groups/attack patterns, tactics, techniques and procedures.
+ Conduct threat modeling to improve threat detection and mitigation.
+ Manage external and internal threat intelligence partnerships on behalf of the organization. This includes optimizing and managing data sources of threat intelligence information.
+ Familiarity with offensive security strategies and assessment methodology.
+ Opportunities to explain threat hunting objectives in plain English and able to communicate associated risk.
+ Investigate and analyze many different types of security incidents, such as network-, host-, application-, and malware-based intrusions across a broad range of computing environments and technology stacks
+ Work to enhance the Threat Intelligence Platform by vetting intelligence feeds for criticality and relevance.
+ Utilize the corporate Endpoint Detection and Response tool and SIEM to identify anomalous activity and potential threats to the enterprise infrastructure.
+ Perform analysis of adversary tradecraft, malicious code, and capabilities for hunt pivoting purposes.
+ Perform research to identify targeted attacks, campaigns, and malware.
+ Assist with internal investigations as a technical resource for forensic artifact collection and forensic disk analysis.
+ Manage the analysis of intrusion artifacts to determine potential specific adversary and motives.
+ Work to facilitate the mitigation of actual and potential incidents
+ Effectively communicate and/or summarize (in both verbal and written form) complex threat events or security incident details to multiple audiences, such as executives, legal, and technical staff
+ Research, build and maintain technology solutions and tools needed to support security incident response investigations and examine digital evidence (for example, network traffic, log, filesystem, memory, and malware analyzers and forensic toolsets); partner with technology teams to innovate solutions to improve preparedness.
+ Design and carry out security incident preparedness activities, such as compromise assessments and tabletop exercises, and conducting training and awareness sessions for relevant iT RUN groups, Service providers and vendors
MANAGEMENT COMPETENCIES
Leadership
+ Communication – Conveys information and ideas to others in a convincing and engaging manner through a variety of methods.
+ Leading Through Vision and Values -Keeps the organization’s vision and values at the forefront of employee decision making and action.
+ Managing Change -Initiates and/or manages the change process and energizes it on an ongoing basis, taking steps to remove barriers or accelerate its pace; serves as role model for how to handle change by maintaining composure and performance level under pressure or when experiencing challenges.
+ Problem Solving and Decision Making – Identifies and understands issues, problems, and opportunities; obtains and compares information from various sources to draw conclusions, develops and evaluates alternatives and solutions, solves problems, and chooses a course of action.
+ Professional Demeanor – Exhibits behavioral styles that convey confidence and command respect from others; makes a good first impression and represents the company in alignment with its values.
+ Strategy Development – Develops business plans by exploring and systematically evaluating opportunities with the greatest potential for producing positive results; ensures successful preparation and execution of business plans through effective planning, organizing, and on-going evaluation processes.
Managing Execution
+ Building a Successful Team -Uses an effective interpersonal style to build a cohesive team; inspires and sustains team cohesion and engagement by focusing the team on its mission and importance to the organization.
+ Strategy Execution – Ensures successful execution across of business plans designed to maximize customer satisfaction, profitability, and market share through effective planning, organizing, and on-going evaluation processes.
+ Driving for Results – Sets high standards of performance for self and/or others; assumes responsibility for work objectives; initiates, focuses, and monitors the efforts of self and/or others toward the accomplishment goals; proactively takes action and goes beyond what is required.
Building Relationships
+ Customer Relationships – Develops and sustains relationships based on an understanding of customer/stakeholder needs and actions consistent with the company’s service standards.
+ Global Mindset – Supports employees and business partners with diverse styles, abilities, motivations, and/or cultural perspectives; utilizes differences to drive innovation, engagement and enhance business res
To view full details and how to apply, please login or create a Job Seeker account