• Senior Engineer, Detection R&D

    Marriott (Bethesda, MD)


    Additional Information

    **Job Number** 26209472

    **Job Category** Information Technology

    **Location** Marriott International HQ, 7750 Wisconsin Ave, Bethesda, Maryland, United States, 20814VIEW ON MAP (https://www.google.com/maps?q=Marriott%20International%20HQ%2C%207750%20Wisconsin%20Ave%2C%20Bethesda%2C%20Maryland%2C%20United%20States%2C%2020814)

    **Schedule** Full Time

    **Located Remotely?** Y

    **Position Type** Management

    **Pay Range:** $100,400-$166,800 Annually

    **Bonus Eligible:** Y

    **Expiration Date:** 02/04/2026

    JOB SUMMARY

    This role is responsible for enhancing detection coverage and methodology through cyber threat detection research and advanced threat detection prototyping within the SIEM, Security Data Lake, and analytics tools. Research entails analysis and devising detection approaches informed by threat intelligence by the CTI Team, threat models, purple team outcomes, and detection coverage and visibility gap assessments. Development work entails advanced detection prototyping for deployment at scale in partnership with Detection Engineering, Cybersecurity Operations, and Marriott’s business application teams. Candidates should possess either red team or purple team experience as well as expertise in cyber threat detection and response, and a strong understanding of adversarial TTPs. Hands-on skills and creative thinking are essential.

    CANDIDATE PROFILE

    Education and Experience

    Required:

    + Bachelor’s degree in Computer Science, Information Security, or a related field; or equivalent experience and certifications

    + 6+ years of combined experience in detection engineering, red/purple teaming, security analytics, vulnerability management or cyber threat detection roles

    + 3+ years working with Splunk SIEM (Enterprise Security), CrowdStrike NG-SIEM, or developing UEBA/behavior-based threat detections

    + Hands-on experience with EDR tools such as CrowdStrike Falcon, MS Defender, Sentinel One, etc., and pen testing/vulnerability assessments

    + Proven ability to develop advanced detection content including correlation rules, behavioral analytics, and threat hunting queries

    Preferred Skills/Experience:

    + Current advanced information security certifications (e.g., CISSP, CISM, GIAC, OSCP)

    + Hands on experience with UEBA solutions and building detections leveraging machine learning

    + Amazon Security Lake experience

    + Familiarity with cloud security, threat intelligence platforms, and modern security architectures

    + Experience with scripting/programming (Python, PowerShell, etc.) and automation

    + Working knowledge of frameworks such as MITRE ATT&CK, MITRE D3FEND, NIST CSF, and ISO/IEC 27001

    Core Responsibilities

    Leadership:

    + Provide mentorship for junior engineers and Detection Engineering resources.

    Technical Execution:

    + Conduct cyber threat detection methodology research aligned with cyber threat detection coverage gaps, threat modeling, and threat intelligence

    + Partner with CTI Team, Detection Engineering, Security Engineering and Security Architecture to develop behavior-based detections leveraging AI/ML and other methods

    + Develop prototype correlation searches, dashboards, reports and alerts within the SIEM, UEBA and Security Data Lake platforms. Partner with CTI Team and Detection Engineering to deploy detections at scale

    Collaboration and Communication:

    + Share detection approaches, recommendations, developed analytics, and other products of detection research with CTI Teams, Detection Engineering and other teams as appropriate to inform detection development

    + Facilitate cross-team collaboration sessions to ideate and review detection use cases and detection methodologies

    + Document and share detection approaches for TTPs, threat models, and monitoring strategies using standard templates and methodologies

    + Collaborate with CTI Team, Detection Engineering, Security Architecture and Engineering teams to ensure detection coverage aligns with cybersecurity risks and business priorities

    + Engage and collaborate with other security engineers and architects as needed to keep pace with the evolution of corporate infrastructure and applications and share that knowledge with peers as appropriate

    + Attend SCRUM and prioritization meetings to review and update deliverables

    Continuous Improvement:

    + Drive detection coverage gap improvement and increased detection efficacy

    + Stay current with emerging threats, adversary tactics, techniques, and detection technologies

    + Contribute to the development and refinement of detection engineering standards, workflows, and best practices

     

    _At Marriott International, we are dedicated to being an equal opportunity employer, welcoming all and providing access to opportunity. We actively foster an environment where the unique backgrounds of our associates are valued and celebrated. Our greatest strength lies in the rich blend of culture, talent, and experiences of our associates.  We are committed to non-discrimination on any protected basis, including disability, veteran status, or other basis protected by applicable law._

     

    All positions offer a 401(k) plan, stock purchase plan, discounts at Marriott properties, commuter benefits, employee assistance plan, and childcare discounts. Benefits are subject to terms and conditions, which may include rules regarding eligibility, enrollment, waiting period, contribution, benefit limits, election changes, benefit exclusions, and others. Click here (https://life.marriott.com/wp-content/uploads/2025/09/benefitsoverviewp\_2025edits\_8.19.25.pdf) to learn more.

     

    Full-time positions also offer coverage for medical, dental, vision, health care flexible spending account, dependent care flexible spending account, life insurance, disability insurance, accident insurance, adoption expense reimbursements, paid parental leave and educational assistance.

     

    **Washington Applicants Only** : Employees will accrue paid sick leave, 0.077 PTO balance for every hour worked and be eligible to receive a minimum of 9 holidays annually.

     

    Marriott HQ is committed to a hybrid work environment that enables associates to Be connected. Headquarters-based positions are considered hybrid, for candidates within a commuting distance to Bethesda, MD; candidates outside of commuting distance to Bethesda, MD will be considered for Remote positions.

     

    Marriott International is the world’s largest hotel company, with more brands, more hotels and more opportunities for associates to grow and succeed. **Be** where you can do your best work,​ **begin** your purpose, **belong** to an amazing global​ team, and **become** the best version of you.