"Alerted.org

Additional Information

**Job Number** 25173312

**Job Category** Information Technology

**Location** Marriott International HQ, 7750 Wisconsin Avenue, Bethesda, Maryland, United States, 20814VIEW ON MAP (https://www.google.com/maps?q=Marriott%20International%20HQ%2C%207750%20Wisconsin%20Avenue%2C%20Bethesda%2C%20Maryland%2C%20United%20States%2C%2020814)

**Schedule** Full Time

**Located Remotely?** Y

**Position Type** Management

**Pay Range:** $98,400-$163,500 annually

**Bonus Eligible:** Y

**Expiration Date:** 11/03/2025

JOB SUMMARY

A technical thought leadership role responsible for shaping and executing detection strategy and advanced detection development within both SIEM and Security Data Lake environments. The individual will collaborate across Cybersecurity Analytics, Security Architecture, and Engineering teams to ensure comprehensive detection coverage for Marriott’s business applications and platforms. This role will inform the prioritization of detection development, contribute to supplemental threat modeling, and conduct research and development on adversary TTPs based on threat intelligence. The candidate is expected to bring deep hands-on detection and response expertise to support SOAR and AI-driven security initiatives. The role requires a blend of technical acumen, strategic vision, and the ability to drive innovation in detection engineering.

CANDIDATE PROFILE

Education and Experience

Required:

Bachelor’s degree in computer science, information security, or related field, or equivalent experience/certification.

7+ years experience working in Information Technology including:

5+ years of experience in detection engineering, security analytics, or related cybersecurity roles.

Demonstrated experience with SIEM (e.g., Splunk Enterprise Security) and Security Data Lake platforms.

Experience developing and tuning advanced detection content, including correlation rules, behavioral analytics, and threat hunting queries.

Proven ability to lead cross-functional initiatives and collaborate with diverse technical teams.3+ years of collective experience in one or all of the following:

Splunk SIEM (Splunk Enterprise Security) threat detection use case development

UEBA use case development for insider threat use case development

Preferred Skills/Experience:

Current Advanced information security certifications (e.g., CISSP, CISM, GIAC, OSCP).

Experience supporting SOAR and AI/ML-driven security operations.

Familiarity with cloud security, threat intelligence platforms, and modern security architectures.

Experience with scripting/programming (Python, PowerShell, etc.) and automation.

Working knowledge of frameworks such as MITRE ATT&CK, NIST CSF, and ISO/IEC 27001.

CORE WORK ACTIVITIES

Strategic Leadership:

Inform detection strategy development with detection approaches that leverages SIEM, Security Data Lake, and tools integrated with the security analytics platforms.

Inform and prioritize detection development based upon business risk, threat intelligence, and evolving adversary TTPs.

Lead R&D efforts to identify and address detection gaps, leveraging threat modeling and threat intelligence.

Provide detection governance partnership with Detection Engineering for efficacy reviews and lifecycle management of developed security monitoring content.

Technical Execution:

Develop advanced detections in partnership with Detection Engineering and other partners.

Collaborate with Security Architecture and Engineering teams to ensure detection coverage aligns with cybersecurity risks and business priorities.

Support the integration of detection content with SOAR and AI/ML initiatives to enhance automated response and analytics.

Develop analytics, correlation searches, dashboards, reports and alerts within the SIEM and UEBA platforms.

Collaboration and Communication:

Facilitate cross-team collaboration sessions to ideate and review detection use cases and detection methodologies.

Document detection approaches for TTPs, threat models, and monitoring strategies using standard templates and methodologies.

Engage and collaborate with other security engineers and architects as needed to keep pace with the evolution of corporate infrastructure and applications and share that knowledge with peers as appropriate.

Attend SCRUM and prioritization meetings to review and update deliverables.

Present findings, recommendations, and detection approaches to technical and non-technical stakeholders.

Continuous Improvement:

Stay current with emerging threats, adversary tactics, techniques, and detection technologies.

Contribute to the development and refinement of detection engineering standards, workflows, and best practices.

Provide technical development support for detection engineers

_At Marriott International, we are dedicated to being an equal opportunity employer, welcoming all and providing access to opportunity. We actively foster an environment where the unique backgrounds of our associates are valued and celebrated. Our greatest strength lies in the rich blend of culture, talent, and experiences of our associates.  We are committed to non-discrimination on any protected basis, including disability, veteran status, or other basis protected by applicable law._

All positions offer a 401(k) plan, stock purchase plan, discounts at Marriott properties, commuter benefits, employee assistance plan, and childcare discounts. Benefits are subject to terms and conditions, which may include rules regarding eligibility, enrollment, waiting period, contribution, benefit limits, election changes, benefit exclusions, and others. Click here (https://life.marriott.com/wp-content/uploads/2025/09/benefitsoverviewp\_2025edits\_8.19.25.pdf) to learn more.

Full-time positions also offer coverage for medical, dental, vision, health care flexible spending account, dependent care flexible spending account, life insurance, disability insurance, accident insurance, adoption expense reimbursements, paid parental leave and educational assistance.

**Washington Applicants Only** : Employees will accrue paid sick leave, 0.077 PTO balance for every hour worked and be eligible to receive a minimum of 9 holidays annually.

Marriott HQ is committed to a hybrid work environment that enables associates to Be connected. Headquarters-based positions are considered hybrid, for candidates within a commuting distance to Bethesda, MD; candidates outside of commuting distance to Bethesda, MD will be considered for Remote positions.

Marriott International is the world’s largest hotel company, with more brands, more hotels and more opportunities for associates to grow and succeed. **Be** where you can do your best work,​ **begin** your purpose, **belong** to an amazing global​ team, and **become** the best version of you.