Security Solution Architect - Identity & Access Management

at Marriott in Springfield, Illinois, United States

Job Description

Job Number 24085675

Job Category Information Technology

Location Marriott International HQ, 7750 Wisconsin Avenue, Bethesda, Maryland, United States

Schedule Full-Time

Located Remotely? Y

Relocation? N

Position Type Management

JOB SUMMARY:

This position will be embedded within the Global IAM Security teams with a matrixed reporting structure and will be working directly with all members developing IAM solutions and strategies. As part of the team, the Security Solution Architect develops and maintains security strategies, requirements, and standards for Identity and Access Management (IAM). Designs security IAM solutions for internal associates and external customers. Provides in depth technical security consulting, and responsible for engagement of internal and external Security Subject Matter Experts (SME) throughout various project lifecycles. Serves as point of escalation for security architecture issues and risks that may arise during the course of a technology project. IAM Architect will partner and work closely with key strategic vendors, service providers as well as IT application solution architects to plan, design &/or challenge the security of the application architecture approaches that support cross-functional business needs and align with longer term best practice standards and viable technology roadmaps.

CANDIDATE PROFILE

Education and Experience

Required:

+ Bachelor’s degree in Computer Sciences or related field or equivalent experience/certification

+ 8+ years of progressive information technology experience in development and/or architecture

+ 3+ years’ experience in solution architecting and implementing of Identity Management technologies such as PingID, SailPoint, ForgeRock, Entrust Identity Guard, IBM Security identity and access solutions or Oracle IAM that also includes developing security domain architectures, patterns and standards

+ Direct management of cross functional, sourced, or matrixes teams

Preferred:

+ Current information security certification, such as Certified Information Systems Security Professional (CISSP) or Certified Information Security Manager (CISM)

+ Proven knowledge of Agile processes and good understanding of ITIL v3 Framework

+ Strong negotiating, influencing and problem resolution skills

+ Proven ability to effectively prioritize and execute tasks in a high-pressure environment

+ Experience in business systems and process planning

+ Knowledge of business environment, service requirements and hospitality culture

+ Ability to translate information security objectives into mutually beneficial business strategies for the client organizations

+ Demonstrated ability to assess customer/client needs, creatively approach solutions, decide and influence appropriate courses of action

+ Deep understanding of IT financial structures and ability to manage to corporate financial practices and goals, including drivers of process cost

+ In depth understanding of Single Sign On federation products using SAML and OAuth technology

+ Experience utilizing security best-practices to control access to LDAP resources and Identity and Access Management Solutions.

+ Graduate/post graduate degree

CORE WORK ACTIVITIES

Standards & Business Partnership

+ Provides advanced architecture and engineering support to automate and administrator identity and compliance requirements into all enterprise information systems.

+ Drives planning and execution of identity management roadmaps and technology enhancements.

+ Creates and maintains standards surrounding documentation related to identity processes, procedure and infrastructure.

+ Assesses current applications and architecture to ensure current implementations align with industry guidelines, best practices and management approved standards.

+ Oversees, evaluates, and supports the documentation, and validation processes necessary to assure that associates, information technology systems and business processes meet the organization’s information assurance, security, and privacy requirements. Ensures appropriate treatment of risk, compliance, and assurance of internal policies and external regulations.

+ Defines strategy and roadmap, provides governance, creates standards and guidelines, and reviews and approves architectural designs. Ensures standards and guidelines incorporate legal and regulatory requirements.

+ Conducts security technology research and assessments and integration processes; provides and supports a prototype capability and/or evaluates its utility.

+ Consults with customers to gather and evaluate functional requirements and provides security and privacy requirements, guidelines, and standards.

+ Conducts assessments of threats and vulnerabilities, determines deviations from acceptable configurations or enterprise or local policy, assesses the level of risk, and develops and/or recommends and operationalizes appropriate mitigation countermeasures.

+ Provides sound advice and recommendations to leadership and staff on a variety of relevant topics within the pertinent subject domain. Advocates policy changes and makes a case on behalf of the company via a wide range of written and oral work products.

+ Applies knowledge of priorities to define an entity’s direction, determine how to allocate resources, and identify programs or infrastructure that are required to achieve desired goals within domain of interest. Develops policy or advocates for changes in policy that will support new initiatives or required changes/enhancements.

+ Manages and measures information security implications within the organization, specific program, or other area of responsibility, to include strategic, personnel, infrastructure, policy enforcement, emergency planning, risk management, security awareness, and other resources.

Maintaining Goals

+ Submits reports in a timely manner, ensuring delivery deadlines are met.

+ Promotes the documenting of project progress accurately.

+ Provides input and assistance to other teams regarding projects.

Managing Work, Projects, and Policies

+ Manages and implements work and projects as assigned.

+ Generates and provides accurate and timely results in the form of reports, presentations, etc.

+ Analyzes information and evaluates results to choose the best solution and solve problems.

+ Provides timely, accurate, and detailed status reports as requested.

Demonstrating and Applying Discipline Knowledge

+ Provides technical expertise and support to persons inside and outside of the department.

+ Demonstrates knowledge of job-relevant issues, products, systems, and processes.

+ Demonstrates knowledge of function-specific procedures.

+ Keeps up-to-date technically and applies new knowledge to job.

+ Uses computers and computer systems (including hardware and software) to enter data and/ or process information.

Delivering on the Needs of Key Stakeholders

+ Understands and meets the needs of key stakeholders.

+ Develops specific goals and plans to prioritize, organize, and accomplish work.

+ Determines priorities, schedules, plans and necessary resources to ensure completion of any projects on schedule.

+ Collaborates with internal partners and stakeholders to support business/initiative strategies

+ Communicates concepts in a clear and persuasive manner that is easy to understand.

+ Generates and provides accurate and timely results in the form of reports, presentations, etc.

+ Demonstrates an understanding of business priorities

Additional Responsibilities

+ Provides information to supervisors and co-workers by telephone, in written form, e-mail, or in person in a timely manner.

+ Demonstrates self-confidence, energy and enthusiasm.

+ Informs and/or updates leaders on relevant inform