• Security Engineer, MFA and Web Access Management

    Marriott (Bethesda, MD)


    Additional Information

    **Job Number** 25185779

    **Job Category** Information Technology

    **Location** Marriott International HQ, 7750 Wisconsin Avenue, Bethesda, Maryland, United States, 20814VIEW ON MAP (https://www.google.com/maps?q=Marriott%20International%20HQ%2C%207750%20Wisconsin%20Avenue%2C%20Bethesda%2C%20Maryland%2C%20United%20States%2C%2020814)

    **Schedule** Full Time

    **Located Remotely?** Y

    **Position Type** Management

    **Pay Range:** $84,900-$148,600 Annually

    **Bonus Eligible:** Y

    **Expiration Date:** 12/17/2025

    JOB SUMMARY

    Leads the Identity & Access Management (IAM) function in Global Information Security organization through subject matter expertise (L3) on Multi-factor authentication (MFA), Web Access Management (WAM) technologies. Functions as the Security Engineer in the team providing engineering support for MFA and SSO service offerings, daily operations, and continuous improvements. Hands-on MFA implementation experience with PingOne SaaS products (DaVinci, Protect, Verify, Directory) including integrations with Ping Federate for SSO services. Analyzes and implements changes to the MFA and SSO infrastructure including configurations and customizations to address application, security, and performance requirements. Works with stakeholders to integrate and onboard new applications and helps troubleshoot integrations with existing applications and systems. Responsible for directing L2/L1 technical staff to address application security issues.

    CANDIDATE PROFILE

    Required Education and Experience

    + Undergraduate degree in Computer Sciences or related field or equivalent work experience and certifications

    + Minimum 4+ years of information security or infrastructure engineering experience including -

    + 4+ years of experience in managing MFA offerings

    1. Passkeys, Biometrics, FIDO tokens, various authenticators

    2. Implementation exprience of PingOne products like DaVinci, Verify, Protect, Neo

    + 4+ years’ experience of Federation/SSO services, protocols, and technologies a. OAuth/OIDC, SAML, WS-FED b. Browsers, MDM/MAM, X509 cert-based authentication (user & device)

    + 2+ years’ experience with Ping Access and Ping Federate architecture, design, and implementation a. Policy design and implementation b. Ping Fed custom adapter development c. Integration of custom applications

    + 2+ years of experience in Development

    a. JAVA, HTML/JavaScript/JSON, scripting (Ansible, Shell, Perl, Expect)

    + 2+ years of experience translating business requirements to technical requirements with strong written and verbal communication skills

    + 2+ years of experience with LDAP and directory Services using Radiantlogic or Ping Directory

    Preferred:

    + 5+ years of experience with integrating IAM solutions with infrastructure and applications

    + 2+ years of experience in designing & implementing API services and data transformation layers

    + 2+ years of experience on containerized deployment environments

    + Current information security certification, including Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified SCADA Security Architect (CSSA) or Certified Secure Software Lifecycle Professional (CSSLP)

    + Technical knowledge of industry best practices pertaining to MFA/WAM services

    + Experience with defining & fulfilling Key Performance Indicators for MFA infrastructure

    + Experience in the IAM domain with user lifecycle management, authentication, authorization, federation, and privileged access management

    + Experience in implementing the capabilities such as Passwordless or adaptive authentication

    + Experience with cloud/SaaS IAM/WAM services

    + Experience with Zero-Trust Framework

    + Experience with CASB and WAF technologies.

    + Experience doing business analysis and requirements gathering for complex business systems

    + Responsible for identifying, evaluating, and participating in decision making around new and emerging IAM/MFA technologies and should be able to support other areas of Information Security as needed

    + Strong understanding of PKI, certificate management, security, and provisioning of identity data.

    CORE WORK ACTIVITIES

    + Functions as an MFA and WAM point of contact for IT system administrators, Service Desk, service providers and application owners.

    + Works closely with senior engineers and other team members for MFA and SSO services and operational needs.

    + Routinely collaborates with different security team members including, but not limited to architecture, infrastructure, network, compliance, and incident response

    + Manages the MFA and WAM services including requirements gathering, design, building, testing, deployment, and operationalization.

    + Collaborates with multiple stakeholders to support implementation of new applications and services.

    + Defines and documents MFA an d WAM policies and procedures

    + Creates test cases to ensure cross platform interoperability.

    + Implements and validates security controls for the MFA and WAM solution.

    + Designs security solutions to address risks throughout the Marriott SDLC process and confirm that the level of risk is acceptable in accordance with Marriott’s policies.

    + Provides guidance and oversight for L2/L1 troubleshooting of operational issues.

    + Leads the identification and remediation of relative security events

    Maintaining Goals

    + Submits reports in a timely manner, ensuring delivery deadlines are met.

    + Promotes the documenting of project progress accurately.

    + Provides input and assistance to other teams regarding projects.

    Managing Work, Projects, and Policies

    + Manages and implements work and projects as assigned.

    + Generates and provides accurate and timely results in the form of reports, presentations, etc.

    + Analyzes information and evaluates results to choose the best solution and solve problems.

    + _Provides timely, accurate, and detailed status reports as requested._

    Demonstrating and Applying Discipline Knowledge

    + Provides technical expertise and support to persons inside and outside of the department.

    + Demonstrates knowledge of job-relevant issues, products, systems, and processes.

    + Demonstrates knowledge of function-specific procedures.

    + Keeps up-to-date technically and applies new knowledge to job.

    + Uses computers and computer systems (including hardware and software) to enter data and/ or process information.

    Delivering on the Needs of Key Stakeholders

    + Understands and meets the needs of key stakeholders.

    + Develops specific goals and plans to prioritize, organize, and accomplish work.

    + Determines priorities, schedules, plans and necessary resources to ensure completion of any projects on schedule.

    + Collaborates with internal partners and stakeholders to support business/initiative strategies

    + Communicates concepts in a clear and persuasive manner that is easy to understand.

    + Generates and provides accurate and timely results in the form of reports, presentations, etc.

    + Demonstrates an understanding of business priorities

    Additional Responsibilities

    + Provides information to supervisors and co-workers by telephone, in written form, e-mail, or in person in a timely manner.

    + Demonstrates self-confidence, energy and enthusiasm.

    + Informs and/or updates leaders on relevant information in a timely manner.

    + Manages time effectively and conducts activities in an organized manner.

    + Presents ideas, expectations and information in a concise, organized manner.

    + Uses problem solving methodology for decision making and follow up.

    + Performs other reasonable duties as assigned by manager.

     

    _At Marriott International, we are dedicated to being an equal opportunity employer, welcoming all and providing access to opportunity. We actively foster an environment where the unique backgrounds of our associates are valued and celebrated. Our greatest strength lies in the rich blend of culture, talent, and experiences of our associates.  We are committed to non-discrimination on any protected basis, including disability, veteran status, or other basis protected by applicable law._

     

    All positions offer a 401(k) plan, stock purchase plan, discounts at Marriott properties, commuter benefits, employee assistance plan, and childcare discounts. Benefits are subject to terms and conditions, which may include rules regarding eligibility, enrollment, waiting period, contribution, benefit limits, election changes, benefit exclusions, and others. Click here (https://life.marriott.com/wp-content/uploads/2025/09/benefitsoverviewp\_2025edits\_8.19.25.pdf) to learn more.

     

    Full-time positions also offer coverage for medical, dental, vision, health care flexible spending account, dependent care flexible spending account, life insurance, disability insurance, accident insurance, adoption expense reimbursements, paid parental leave and educational assistance.

     

    **Washington Applicants Only** : Employees will accrue paid sick leave, 0.077 PTO balance for every hour worked and be eligible to receive a minimum of 9 holidays annually.

     

    Marriott HQ is committed to a hybrid work environment that enables associates to Be connected. Headquarters-based positions are considered hybrid, for candidates within a commuting distance to Bethesda, MD; candidates outside of commuting distance to Bethesda, MD will be considered for Remote positions.

     

    Marriott International is the world’s largest hotel company, with more brands, more hotels and more opportunities for associates to grow and succeed. **Be** where you can do your best work,​ **begin** your purpose, **belong** to an amazing global​ team, and **become** the best version of you.