"Alerted.org

Additional Information

**Job Number** 25173314

**Job Category** Information Technology

**Location** Marriott International HQ, 7750 Wisconsin Avenue, Bethesda, Maryland, United States, 20814VIEW ON MAP (https://www.google.com/maps?q=Marriott%20International%20HQ%2C%207750%20Wisconsin%20Avenue%2C%20Bethesda%2C%20Maryland%2C%20United%20States%2C%2020814)

**Schedule** Full Time

**Located Remotely?** Y

**Position Type** Management

**Pay Range:** $98,400-$163,500 Annually

**Bonus Eligible:** Y

**Expiration Date:** 11/03/2025

This Senior Security Engineer will be part of the Cyber Analytics and Automation team for our Security Information and Event Management (SIEM) platform.  In this role you will be responsible for designing, implementing, and maintaining the architecture of our SIEM and related platforms to enhance our cybersecurity posture.  You will also leverage your expertise in data processing and routing platforms to provide specialized support for the development of advanced analytics to support our Insider Threat and Cyber Incident Response teams.

CANDIDATE PROFILE

Education and Experience

Required:

Bachelor’s degree in Computer Sciences or related field or equivalent experience/certification

7+ years of experience in Information Technology including:

4+ years of experience in an information security function

3+ years of experience with Splunk

Splunk Cloud Certified Admin

Cribl Certified User

Demonstrated knowledge of the Unix/Linux command line and command line utilities.

Familiarity with cloud security, threat intelligence platforms, and modern security architectures.

Subject matter expert in management and hands-on implementation of SIEM solutions.

Strong level of familiarity with common enterprise infrastructure systems, services and concepts pertaining to general networking, next-gen firewalls, endpoint protection, IDS, IPS, vulnerability management, Linux and Windows OS, databases, logging platforms.

Strong knowledge of AWS services, especially around data storage (e.g. S3, Data Lake) and compute (e.g. EC2) related services.

Working knowledge of Infrastructure as Code tools (e.g. Terraform, CloudFormation).

Working knowledge of IT and infrastructure automation tools (e.g. Ansible, Puppet).

Working knowledge of container/container orchestration technologies (e.g. Docker, Kubernetes, AWS EKS).

Strong working knowledge of CI/CD process and tools.

Preferred:

Splunk Enterprise Certified Architect

Cribl Certified Admin – Stream

Current Advanced information security certifications (e.g., CISSP, CISM, GIAC).

Familiarity (or greater) skill level in SQL

Background in IT security/systems administration or IT security/systems engineering

Working knowledge of frameworks such as MITRE ATT&CK, NIST CSF, and ISO/IEC 27001.

Experience with scripting/programming (Python, PowerShell, etc.) and automation.

Hands-on experience with the configuration and management of Rsyslog or Syslog-ng

Project management skills, with an understanding of core Agile principles

Detail oriented work style, well versed in ITIL best practices for security systems engineering lifecycle management and service delivery.

CORE WORK ACTIVITIES

Strategic Leadership:

Designs, engineers and implements solutions and integrations to meet security requirements pertaining to logging and monitoring functions.

Analyzes and manages performance and health of SIEM platform and requisite services.

Provides technical oversight, standardization and regular review of SIEM platform and requisite services for compliance with security and privacy policies.

Participates in the evaluation and selection of security service products.

Utilizes capability modeling to align systems strategy and planning with business strategy and goals.

Provides tactical direction to stakeholders pertinent to security logging and monitoring functions.

Technical Execution:

Provides tier-3 support for operational escalations or technical issues impacting SIEM or related platforms.

Collaborate with Security Architecture and Engineering teams to ensure detection coverage aligns with cybersecurity risks and business priorities.

Develops and maintains architectural diagrams for newly onboarded security tools.

Develop analytics, correlation searches, dashboards, reports and alerts within the SIEM and related platforms.

Provides after hours support as needed during on-call rotation.

Collaboration and Communication:

Works closely with Security Architecture, Security Engineering, Threat Intelligence and the Cyber Incident Response Team to help develop solutions to address emerging threats, support requested service enhancements, and to support the development of new threat detection use cases.

Coordinates with service providers on infrastructure management and maintenance operations.

Engage and collaborate with other security engineers and architects as needed to keep pace with the evolution of corporate infrastructure and applications and share that knowledge with peers as appropriate.

Attend SCRUM and prioritization meetings to review and update deliverables.

Produces and regularly updates documentation for SIEM service management and SOPs pursuant to security and privacy policy.

Continuous Improvement:

Continuously evaluates the effectiveness of the SIEM and related platform and requisite services to identify operational improvements, reduce costs, increase performance and automate where possible.

Continuously evaluating searches, scheduled searches, and other activities to identify opportunities to optimize storage and compute and reduce costs.

Contribute to the development and refinement of detection engineering standards, workflows, and best practices.

Following best practices pertaining to lifecycle management.

_At Marriott International, we are dedicated to being an equal opportunity employer, welcoming all and providing access to opportunity. We actively foster an environment where the unique backgrounds of our associates are valued and celebrated. Our greatest strength lies in the rich blend of culture, talent, and experiences of our associates.  We are committed to non-discrimination on any protected basis, including disability, veteran status, or other basis protected by applicable law._

All positions offer a 401(k) plan, stock purchase plan, discounts at Marriott properties, commuter benefits, employee assistance plan, and childcare discounts. Benefits are subject to terms and conditions, which may include rules regarding eligibility, enrollment, waiting period, contribution, benefit limits, election changes, benefit exclusions, and others. Click here (https://life.marriott.com/wp-content/uploads/2025/09/benefitsoverviewp\_2025edits\_8.19.25.pdf) to learn more.

Full-time positions also offer coverage for medical, dental, vision, health care flexible spending account, dependent care flexible spending account, life insurance, disability insurance, accident insurance, adoption expense reimbursements, paid parental leave and educational assistance.

**Washington Applicants Only** : Employees will accrue paid sick leave, 0.077 PTO balance for every hour worked and be eligible to receive a minimum of 9 holidays annually.

Marriott HQ is committed to a hybrid work environment that enables associates to Be connected. Headquarters-based positions are considered hybrid, for candidates within a commuting distance to Bethesda, MD; candidates outside of commuting distance to Bethesda, MD will be considered for Remote positions.

Marriott International is the world’s largest hotel company, with more brands, more hotels and more opportunities for associates to grow and succeed. **Be** where you can do your best work,​ **begin** your purpose, **belong** to an amazing global​ team, and **become** the best version of you.