Job Number 20030628
Job Category Information Technology
Location Singapore Regional Office| 2 Harbourfront Place #06-08|
Singapore| Singapore| Singapore
Position Type Management
Start Your Journey With Us
Marriott International is the world’s largest hotel company| with more brands|
more hotels and more opportunities for associates to grow and succeed. We
believe a great career is a journey of discovery and exploration. So| we ask|
where will your journey take you?
Leads the Marriott Cyber Fusion Center located in Singapore. The Director will
supervise the Cyber Incident Response Team that provides Tier 2/3 incident
response support for the world’s largest travel company. The Cyber Incident
Response team will be the third shift in a 24x7x365 support model. The
Director will also supervise (dotted line) associates who have direct
reporting relationships to US-based leaders in the following areas: Cyber
Incident Response| Threat and Vulnerability Management. This role and its team
will work closely with Director| Cyber Incident Response in the US to provide
Education and Experience
Bachelor’s degree in Computer Sciences or related field or equivalent experience/certification
8+ years of information technology leadership experience
Direct management of cross functional| sourced| or matrixed teams
3+ years directing/managing a global 24×7 Security Operations Center (SOC) and/or Cyber Incident Response Team
Knowledge of cyber threats| attack tools| techniques and procedures| and containment and remediation strategies
Knowledge of security controls and incident response in a multi-platform environment including on-prem and cloud
Experience in security technologies (i.e.| Incident Case Management| SIEM| SOAR| EDR| Intrusion Prevention| Digital Forensics)
Ability to define| measure and report on incident response KPIs
Current information security certifications (e.g.| CISSP| GCIH| GCIA| GCFE| GCFA)
Knowledge of IT security within an infrastructure environment
Experience with Vulnerability Management tools and processes
Experience with Threat Management tools and processes
Knowledge of privacy regulations and requirements associated with data loss incidents
Excellent analytical skills and ability to apply investigative techniques.
Proven ability to effectively prioritize and execute tasks in a high-pressure environment
Proven knowledge of SDLC; good understanding of ITIL v3 Framework
Strong negotiating| influencing and problem resolution skills
Knowledge of business environment| service requirements and hospitality culture
Ability to translate information security objectives into mutually beneficial business strategies
Demonstrated ability to assess customer needs| creatively approach solutions| decide and influence appropriate courses of action
Understanding of IT financial structures and ability to manage to corporate financial practices and goals| including drivers of process cost
Strong verbal and written communication skills with the ability to articulate complex technical ideas in easy to understand business terms
Graduate/post graduate degree
CORE WORK ACTIVITIES
Cyber Incident Response
Define| lead and deliver cyber incident response processes and procedures and provide routine executive updates.
Maintain technical documentation including standard operating procedures and incident response processes/procedures.
Identify opportunities to automate incident response processes and optimize infrastructure security controls.
Collaborate with and provide direction to the Tier 1 Security Operations Center (MSSP).
Develop new and innovative ways to detect anomalous activity.
Develop| review and test cyber incident response plan.
Use defensive measures and information collected from a variety of sources to identify| analyze| and report events that occur or might occur within the network in order to protect information| information systems| and networks from threats. Identify remediation efforts and oversees efforts to implement them.
Ensure effective transition of responsibilities to the US Cyber Incident Response team daily.
Collaborate within the hospitality and across other industries to identify opportunities to improve security controls or identity threats.
Ensure availability of security systems and services.
Maintain positive relationship with senior leaders from internal stakeholder groups such as other Security Teams IT| Internal Audit| Privacy| Legal| etc.
Identify| report on| and manage operational KPIs.
Participate in| contribute to and lead industry wide information sharing opportunities| including ISAC based relationships.
Stay up to date on operational trends and developments in information security.
Attract| develop| and retain talent to strengthen the organization while providing team members with career growth opportunities inside of the broader security organization| as well as the overall IT organization.
Provide sound advice and recommendations to leadership and staff on a variety of relevant topics within the cyber security discipline.
Apply knowledge of priorities to define company direction| determine how to allocate resources and identify programs or infrastructure that are required to achieve desired goals.
Supervise Threat Management and Vulnerability Management team members located in the APAC offices| assisting their US based leadership in driving their goals and objectives and ensure collaboration across teams.
Cultivate a High-Performing Team
Create a compelling vision| clear direction and strategy for the team
Generate enthusiasm and understanding of the information security vision and how each role contributes to the achievement of that vision
Ensure capabilities are developed and resources are aligned to support the strategy
Attract| motivate| develop and retain highly skilled leaders; champion and model leadership development
Create and sustain a work environment that drives associate engagement and enables business success
Ensure appropriate processes are in place and executed to drive collaboration and alignment within the team and with the broader IT organization
Serve as a role model and ensure all information security leaders are visible and effective partners with IT counterparts| broader Marriott stakeholders| and service providers