Job Number 24062565

Job Category Information Technology

Location Mumbai Area Office, 303A-304 Fulcrum B Wing Hiranandani Business Park, Mumbai, Maharashtra, India

Schedule Full-Time

Located Remotely? N

Relocation? N

Position Type Management

JOB SUMMARY

The Continent Information Security Partnerships position drives continent security program, policy, and project execution, providing leadership and direction to the above property and on-property teams. The position strives for outstanding security compliance status and ensures that Security implementations within the continent follow company security standards with a special focus on the South Asia Region (properties and above property offices located in India, Sri Lanka, Bangladesh, Nepal, etc.). The role will track and report on established security metrics to Senior GIS and Continent leaders and will have a direct reporting line to the Senior Manager / Director / Senior Director of APAC/APEC Information Security Partnerships. This position maintains strong relationships with continent Business Partners, IT operations, and Field IT Managers and is the point of contact working with them to liaise with additional teams within Security.

CANDIDATE PROFILE

Education and Experience Required Qualifications:

• 5+ years overall experience in Information Technology, IT Security, and/or IT project management experience

• 2+ years in executing technology plans and/or project portfolios or information security programs

• 1+ years’ of implementing enterprise security risk management frameworks and processes.

• Fluent in English, both spoken and written.

• Bachelor’s Degree or the equivalent combination of education, technical training, certification, or work/military experience

Preferred Qualifications:

• 5+ years’ experience in hotel IT Management.

• 2+ years’ experience working with Business and IT partners.

• Current information security certification, including Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA) or Certified Information Systems Security Professional (CISSP)

• 2+ years’ experience in Cybersecurity response and remediation

• Basic understanding of vulnerabilities and remediation actions

• Basic understanding of different attack vectors

• Demonstrated understanding of key network and technical security controls.

• Experience participating in and coordinating activities for security incident response.

• Good understanding of PCI DSS and Hands-on experience in PCI DSS audits

• Demonstrated ability to apply GIS policies at a discipline unit level.

• Knowledge of IT security within an infrastructure environment.

• Knowledge of business environment, service requirements, and hospitality culture.

• Risk identification and remediation along with respective teams

• Experience in project management.

CORE WORK ACTIVITIES

• Leads Security project implementations within a designated region/area, partnering with the respective above property and property teams.

• Develops and delivers tactical communications, issues remediation planning, and implementation timelines with the regional IT Operations and Global Information Security teams.

• Initiates and completes audit programs, including tracking of progress, results, and gaps remediation. Shares with GIS and continent partners and leads follow-ups, such as Information Security Audits, Information Protection Assessments (IPPA), IT Peer Review, IT Checklist, Regulation related assessments and PCI audits.

• Identifies learning and knowledge gaps and facilitates educational calls, materials and meetings to the regional IT Operations and field associates

• Plans and leads security reviews/certifications for new systems and services for properties across an assigned continent.

• Performs first-line approval of security requests from the partners and presents to leadership for additional approvals

• Key contact for security compliance, partnering with continent and global GIS teams. Tracks compliance of the continent and works with on-property IT associates along with the Area IT Managers towards issues remediations, providing necessary escalations and follow-ups to the respective teams.

• Partners with Cyber Incident Response Team during incident response and remediation with their respective continent

• Point of contact for general questions and queries around global Information security programs, policies, procedures, and/or strategy.

Marriott International is an equal opportunity employer. We believe in hiring a diverse workforce and sustaining an inclusive, people-first culture. We are committed to non-discrimination on any protected basis, such as disability and veteran status, or any other basis covered under applicable law.

Marriott International is the world’s largest hotel company, with more brands, more hotels and more opportunities for associates to grow and succeed. Be where you can do your best work,​ begin your purpose, belong to an amazing global​ team, and become the best version of you.