FLEX Senior Manager, Logging Compliance
Bethesda, MD, United States
Marriott International
The Senior Manager, Logging Compliance, is responsible for overseeing Marriott’s enterprise-wide logging compliance and monitoring governance to ensure alignment with audit and regulatory requirements. This role focuses on validating that logging activities meet documented controls, identifying compliance gaps, and supporting governance efforts without setting or modifying policies. The role requires a balanced knowledge of SIEM technologies, audit documentation, and threat detection principles to assist teams in meeting logging standards while enabling visibility into critical systems and applications.
The ideal candidate brings a deep understanding of security logging, threat detection use case governance, and compliance frameworks. They will work cross-functionally with application owners, infrastructure teams, and cybersecurity stakeholders to validate that logging data is properly onboarded to the SIEM and security data lake, ensuring Marriott maintains a strong audit posture.
CANDIDATE PROFILE
Education and Experience
Required:
- Bachelor’s degree in Information Technology, Cybersecurity, Computer Science or related field or equivalent experience/certification
- 7+ years of experience in Information Technology/Security including:
- 3+ years in a leadership or management role overseeing security compliance or threat detection initiatives.
- Experience with SIEM platforms (e.g., Splunk Enterprise Security) and logging platforms.
- Experience managing compliance efforts aligned to frameworks such as NIST, ISO/IEC 27001, PCI DSS, etc.
- Demonstrated knowledge of log management, threat detection use case development, and audit preparation.
- Experience collaborating with application development teams and infrastructure teams to provide oversight for logging compliance.
- Familiarity with cloud environments (AWS, Azure, GCP) and logging related to cloud workloads.
Preferred Skills/Experience:
- Master’s degree in Cybersecurity, Computer Science, or a related discipline
- 8+ years of experience in information security, focusing on Certification and Accreditation (C&A), Risk Management Framework (RMF), and security controls assessment.
- 4+ years of experience in software/system release management, with a focus on security validation.
- Experience with risk quantification methodologies and security control testing techniques
- Comprehensive knowledge of risk management frameworks including FAIR, NIST RMF, MITRE TARA, and OCTAVE
- Deep knowledge of security frameworks such as NIST SP 800-53, ISO/IEC 27001, and PCI DSS, with a strong focus on the Risk Management Framework (RMF)
- Experience with auditing security controls in alignment with RMF processes, including evaluating the effectiveness of controls against NIST 800-53, conducting assessments for compliance, and supporting authorization and accreditation activities
- Familiarity with common documentation frameworks such as the 4+1 View Model, C4 Model, and ISO/IEC/IEEE 42010, as well as UML diagrams, Arc42 templates, and Architecture Decision Records (ADRs) for consuming and interpreting architectural decisions and system design.
- Proven leadership experience in regulatory environments, with strong project management skills.
- Excellent written and verbal communication skills
CORE WORK ACTIVITIES
- Validate that logging practices meet Common Controls Framework (CCF) and other documented compliance requirements.
- Oversee the development and tracking of threat detection use cases across the organization.
- Collaborate with application, infrastructure, and cyber teams to ensure appropriate logging to the SIEM and security data lake.
- Facilitate audit readiness by ensuring accurate documentation of logging controls and evidence collection.
- Lead cross-functional efforts to onboard new log sources and improve existing logging configurations.
- Monitor metrics related to logging completeness, quality, and adherence to established controls.
- Engage with leadership to communicate logging compliance status, risks, and remediation efforts.
- Conduct gap analysis on logging compliance and support remediation efforts.
- Support alignment of threat detection content development efforts with existing logging controls and governance frameworks.
Cultivate a High-Performing Team
- Create a compelling vision, clear direction and strategy for the team
- Generate enthusiasm and understanding of the information security vision and how each role contributes to the achievement of that vision
- Ensure capabilities are developed and resources are aligned to support the strategy
- Attract, motivate, develop and retain highly skilled leaders; champion and model leadership development
- Create and sustain a work environment that drives associate engagement and enables business success
- Ensure appropriate processes are in place and executed to drive collaboration and alignment within the team and with the broader IT organization
- Serve as a role model and ensure all information security leaders are visible and effective partners with IT counterparts, broader Marriott stakeholders, and service providers
Managing Work, Projects, and Policies
- Coordinates and implements work and projects as assigned.
- Generates and provides accurate and timely results in the form of reports, presentations, etc.
- Analyzes information and evaluates results to choose the best solution and solve problems.
- Develops specific goals and plans to prioritize, organize, and accomplish work.
- Sets and tracks goal progress for self and others.
- Monitors the work of others to ensure it is completed on time and meets expectations.
- Provides direction and assistance to other organizational units regarding policies and procedures, and efficient control and utilization of resources.
Leading Team
- Creates a team environment that encourages accountability, high standards, and innovation.
- Leads specific team while assisting with meeting or exceeding department goals.
- Sets clear performance expectations and holds direct reports accountable.
- Ensures that goals are being translated to the team as they relate to tracking and productivity.
- Creates and nurtures an environment that emphasizes motivation, empowerment, teamwork, continuous improvement and a passion for providing service.
- Understands employee and develops plans to address need areas and expand on the strengths.
- Provides the team with the capabilities needed to meet or exceed expectations.
- Leads by example demonstrating self-confidence, energy and enthusiasm.
The pay range for this position is $40.81 to $68.22 per hour.
Washington Applicants Only: Employees will accrue 0.0334 PTO balance for every hour worked and are eligible to receive a minimum of 9 holidays annually.
FLEX opportunities offer coverage for medical, dental, vision, health care flexible spending account, dependent care flexible spending account, life insurance, disability insurance, accident insurance, adoption expense reimbursements, paid parental leave, 401(k) plan, stock purchase plan, discounts at Marriott properties, commuter benefits, employee assistance plan, and childcare discounts. Benefits are subject to terms and conditions, which may include rules regarding eligibility, enrollment, waiting period, contribution, benefit limits, election changes, benefit exclusions, and others.
Marriott HQ is committed to a hybrid work environment that enables associates to Be connected. Headquarters-based positions are considered hybrid, for candidates within a commuting distance to Bethesda, MD; candidates outside of commuting distance to Bethesda, MD will be considered for Remote positions.
The application deadline for this position is 14 days after the date of this posting, April 3, 2025.
Marriott International is an equal opportunity employer. We believe in hiring a diverse workforce and sustaining an inclusive, people-first culture. We are committed to non-discrimination on any protected basis, such as disability and veteran status, or any other basis covered under applicable law.