FLEX Associate Data Security Architect
Bethesda, MD, United States
Marriott International
Book Directly & Save at any of our 8000+ Marriott Bonvoy Hotels. Choose from Luxury Hotels, Resorts, Extended Stay Hotels, Pet-Friendly Hotels & More.Job Summary: We are seeking a highly skilled Data Security Architect with extensive experience in securing Data Lakehouse environments. The ideal candidate will have a deep understanding of data security principles, best practices, and the ability to implement robust security frameworks. Experience with Snowflake and other cloud-based data platforms is highly preferred.
Key Responsibilities:
- Design & Implement Security Frameworks: Develop and implement comprehensive security architectures for Data Lakehouse environments, ensuring data integrity, confidentiality, and availability.
- Snowflake Security Expertise: Leverage expertise in Snowflake to design and enforce security policies, access controls, and data protection mechanisms within the platform.
- Data Governance: Collaborate with data governance teams to ensure that data management practices comply with regulatory requirements and industry standards.
- Threat Modeling & Risk Assessment: Conduct threat modeling, risk assessments, and security reviews to identify vulnerabilities and implement appropriate countermeasures.
- Access Management: Design and implement role-based access controls (RBAC), ensuring that access to sensitive data is restricted based on the principle of least privilege.
- Encryption & Data Masking: Implement and manage encryption standards and data masking techniques to protect sensitive information in transit and at rest.
- Collaboration: Work closely with IT, data engineering, and analytics teams to ensure security requirements are integrated into data pipelines and data storage solutions.
- Compliance & Audits: Ensure compliance with relevant data protection regulations (e.g., GDPR, CCPA) and participate in internal and external audits.
- Continuous Improvement: Stay current with emerging security trends, threats, and technologies. Continuously refine security architectures to address evolving risks.
- Secure PII Data: Design and engineer security safeguards for PII data
- Security policies: Define, create, implement, and maintain corporate security policies and procedures
- Pattern Development: Use Security best practices, develop security and data protection patterns, working with Enterprise Architecture for pattern standardization
Qualifications:
- Education: Bachelor's degree in Computer Science, Information Security, or a related field. A Master’s degree or professional certifications such as CISSP, CISM, or SANS GIAC are preferred.
- Experience: Minimum of 5 years of experience in application security and DevSecOps roles or a related field, with a proven track record of developing and managing security architectures for complex applications.
- Technical Skills:
- Deep understanding of data security principles, encryption techniques, and secure data storage practices.
- Hands-on experience with Snowflake security features, including access controls, encryption, and data masking.
- Familiarity with other cloud-based data platforms (e.g., AWS, Azure, Google Cloud).
- Proficient in security frameworks such as NIST, ISO 27001, and CIS Controls.
- Communication Skills: Excellent verbal and written communication skills, with the ability to communicate complex security concepts to a variety of audiences, including technical and non-technical stakeholders.
- Problem-Solving Skills: Strong analytical and problem-solving skills, with the ability to handle complex security issues and quickly adapt to changing environments.
- Leadership: Demonstrated leadership abilities, with the capacity to lead cross-functional teams and drive projects to completion.
- Self Management: Ability to effectively prioritize and execute tasks in a high-pressure environment.
- Agile methodologies: Familiarity of SAFe Agile Methodologies
CORE WORK ACTIVITIES 
Standards & Business Partnership
- Contributes to, evaluates, and supports the documentation, and validation processes necessary to assure that associates, information technology systems and business processes meet the organization’s information assurance, security, and privacy requirements. Ensures appropriate treatment of risk, compliance, and assurance of internal policies and external regulations.
- Defines strategy and roadmap, provides guidance, creates standards and guidelines, and reviews architectural designs. Ensures standards and guidelines incorporate legal and regulatory requirements.
- Conducts security and privacy technology research, assessments, and integration processes; provides and supports a prototype capability and/or evaluates its utility.
- Consults with customers to gather and evaluate functional requirements and provides security and privacy requirements, guidelines, and standards.
- Provides sound advice and recommendations to leadership and staff on relevant topics within the pertinent subject domain.
- Applies knowledge of priorities to define an entity’s direction and identify programs or infrastructure that are required to achieve desired goals within domain of interest. Develops policy or advocates for changes in policy that will support new initiatives or required changes/enhancements.
- Works with the Security Architect Analysts to monitor ongoing project activities, intake of new projects and monitoring of the Security Engagement Process including but not limited to: Data Classification, Security Controls, Threat Models, Architecture Review Boards, Authority to Operate.
MANAGEMENT COMPETENCIES
Leadership
- Communication: Conveys information and ideas to others convincingly and engagingly through various methods.
- Leading Through Vision and Values – Keeps the organization’s vision and values at the forefront of employee decision making and action.
- Managing Change – Initiates and/or manages the change process and energizes it on an ongoing basis, taking steps to remove barriers or accelerate its pace; serves as role model for how to handle change by maintaining composure and performance level under pressure or when experiencing challenges.
- Problem Solving and Decision Making – Identifies and understands issues, problems, and opportunities; obtains and compares information from different sources to draw conclusions, develops and evaluates alternatives and solutions, solves problems, and chooses a course of action.
- Professional Demeanor – Exhibits behavioral styles that convey confidence and command respect from others; makes a good first impression and represents the company in alignment with its values.
- Strategy Development – Develops business plans by exploring and systematically evaluating opportunities with the greatest potential for producing positive results; ensures successful preparation and execution of business plans through effective planning, organizing, and on-going evaluation processes.
Managing Execution
- Building a Successful Team - Uses an effective interpersonal style to build a cohesive team; inspires and sustains team cohesion and engagement by focusing the team on its mission and importance to the organization.
- Strategy Execution – Ensures successful execution of business plans designed to maximize customer satisfaction, profitability, and market share through effective planning, organizing, and on-going evaluation processes.
- Driving for Results - Sets high standards of performance for self-and/or others; assumes responsibility for work objectives; initiates, focuses, and monitors the efforts of self-and/or others toward the accomplishment goals; proactively takes action and goes beyond what is required.
Building Relationships
- Customer Relationships - Develops and sustains relationships based on an understanding of customer/stakeholder needs and actions consistent with the company’s service standards.
- Global Mindset - Supports employees and business partners with diverse styles, abilities, motivations, and/or cultural perspectives; utilizes differences to drive innovation, engagement and enhance business results; and ensures employees are given the opportunity to contribute to their full potential.
- Strategic Partnerships - Develops collaborative relationships with fellow employees and business partners by making them feel valued, appreciated, and included; explores partnership opportunities with other people in and outside the organization; influences and leverages corporate and continental shared services and/or discipline leaders (e.g., HR, Sales & Marketing, Finance, Revenue Management) to achieve objectives; maintains effective external relations with government, business and industry in respective countries; performs effectively as a liaison between locations, disciplines, and corporate to ensure needed resources are received and corporate strategies are understood and executed.
Generating Talent and Organizational Capability
- Developing Others - Plans and supports the development of others’ skills and capabilities so that they can fulfill current or future job/role responsibilities more effectively; provides high visibility to individuals with potential; offers challenging assignments that build confidence and credibility and provides such individuals with a personal vision for their future.
- Organizational Capability - Evaluates and adapts the structure of assignments and work processes to best fit the needs and/or support the goals of an organizational unit.
Learning and Applying Professional Expertise
Business Acumen - Understands and utilizes business information to manage everyday operations and generate innovative solutions to approach business and administrative challenges.
- Technical Acumen - Understands and utilizes professional skills and knowledge in a specific functional area to conduct and manage everyday business operations and generate innovative solutions to approach function-specific work challenges.
- Technical Intelligence: knowledge and ability to identify technological opportunities and threats that could affect the future growth and survival of the business.
- Technology Life Cycle: knowledge of the Life Cycle of technologies and how applications, infrastructure, and processes relate to these timelines.
- IT Systems: Knowledge of IT systems supporting the business including benefits, requirements, costs, justification, and operations.
- IT Resources: The ability to secure and manage IT resources to achieve business objectives (e.g., contracts, vendor relationships, financial accountability, portfolio management, information, and resource planning) and measure project impact.
- Continuous Learning - Actively identifies new areas for learning; regularly creates and takes advantage of learning opportunities; uses newly gained knowledge and skill on the job and learns through their application.
- Strategy Knowledge - Understanding and utilizing professional skills and knowledge in a specific functional area to conduct and manage business operations and generate innovative solutions to approach function-specific strategic work challenges.
- Basic Competencies - Fundamental competencies required for accomplishing basic work activities.
- Basic Computer Skills - Uses basic computer hardware and software (e.g., personal computers, word processing software, Internet browsers, etc.).
- Mathematical Reasoning - Adds, subtracts, multiplies, or divides quickly, correctly, and in a way that allows one to solve work-related issues.
• Oral Comprehension - Listens to and understands information and ideas presented through spoken words and sentences.
• Reading Comprehension - Understands written sentences and paragraphs in work related documents.
• Writing - Communicates effectively in writing as appropriate for the audience's needs.
Benefits:
- Competitive salary and benefits package.
- Opportunities for professional growth and development.
- Collaborative and inclusive work environment.
- Flexible working hours and remote work options.
The pay range for this position is $66.87 to $80.38 per hour.
Washington Applicants Only: Employees will accrue 0.0334 PTO balance for every hour worked and eligible to receive minimum of 9 holidays annually.
FLEX opportunities offer coverage for medical, dental, vision, health care flexible spending account, dependent care flexible spending account, life insurance, disability insurance, accident insurance, adoption expense reimbursements, paid parental leave, 401(k) plan, stock purchase plan, discounts at Marriott properties, commuter benefits, employee assistance plan, and childcare discounts. Benefits are subject to terms and conditions, which may include rules regarding eligibility, enrollment, waiting period, contribution, benefit limits, election changes, benefit exclusions, and others.
Marriott HQ is committed to a hybrid work environment that enables associates to Be connected. Headquarters-based positions are considered hybrid, for candidates within a commuting distance to Bethesda, MD; candidates outside of commuting distance to Bethesda, MD will be considered for Remote positions.
The application deadline for this position is 13 days after the date of this posting, November 12, 2024.
Marriott International is an equal opportunity employer. We believe in hiring a diverse workforce and sustaining an inclusive, people-first culture. We are committed to non-discrimination on any protected basis, such as disability and veteran status, or any other basis covered under applicable law.
Tags: Agile Analytics Application security Audits AWS Azure CCPA CISM CISSP Cloud Compliance Computer Science DevSecOps Encryption Finance GCP GDPR GIAC Governance ISO 27001 Monitoring NIST Privacy Risk assessment SANS Snowflake Strategy TECHINT Vulnerabilities
Perks/benefits: Career development Competitive pay Equity / stock options Flex hours Flexible spending account Flex vacation Health care Insurance Medical leave Parental leave Startup environment Team events
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.