Jobs
>
Providence

    SrMgr-Information Security- Vendor Risk Management - Providence, United States - Marriott

    Marriott
    Marriott Providence, United States

    1 week ago

    Default job background
    Description
    Schedule

    Full-Time
    Located Remotely?

    Y
    Relocation?

    N
    Position Type

    Management

    JOB SUMMARY

    The candidate will be responsible for completing and maintaining 3rd Party Hosting Service Provider reviews, including creating risk assessments, and security test and evaluations.

    The candidate will also be responsible for supporting the overall security program including security policy, procedures, and standards, assessing the risk of the internal and external IT systems, ensuring Marriott iT documents are compliant with Marriott security policies and procedures, and reviewing documents for accuracy and completeness.

    Conduct periodic re-assessment with focus on those with highly sensitive data. Perform application security vulnerability scanning and provide remediation options.

    Candidate will also assist in managing relationship with Service Providers who are responsible for the actual delivery of services, managing outcomes and results, and collaborating with stakeholders across IT and business departments to develop strategies for securing company information and assets.

    Shares responsibility for planning, directing, and coordinating compliance activities pertaining to technology projects for a given business unit. Verifies that project goals are accomplished and in line with business objectives.
    Excellent communication skills are required to effectively communicate (verbally and written) across all levels within the organization.

    CANDIDATE PROFILE
    Education and Experience

    Required:
    Bachelor's degree in Information Systems or related field or equivalent experience/certification
    7+ years of information technology leadership experience including implementing, managing and governing security policies
    3+ years direct work experience in third-party Risk Management
    One or more current information security certifications such as Certified in Risk and Information Systems Controls (CRISC), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA) or Certified Information Systems Security Professional (CISSP)

    Preferred:
    A security certification such as GWAPT, GPEN, AWS Associate Architect, AWS Professional Architect, PCI experience.
    Technical knowledge in one or more of the following areas is required: Application Security, Operating System security (UNIX, Windows, Mainframe, etc.) and network security (routers, switches, firewalls)
    Technical leadership experience in an outsourced environment
    Excellent communication skills and problem-solving ability
    Experience conducting and maintaining vendor risk assessments
    Experience with reviewing and assessing security controls of Cloud service providers
    Proficient with assessing a multi-tiered system architecture (Web Server, App Server & Database)
    Knowledge of OWASP Top 10 and SANS 25.
    Working knowledge of the infrastructure and application scanning tools (such as Retina, Nessus, IBM App Scan, HP Web Inspect, Fortified on Demand, Qualys, etc.)
    Manual Web Application Testing experience.

    CORE WORK ACTIVITIES
    Security Risk & Compliance

    Oversee, evaluate, and support the documentation, and validation processes necessary to assure that associates, information technology systems and business processes meet the organization's information assurance, security, and privacy requirements.

    Ensures appropriate treatment of risk, compliance, and assurance of internal policies and external regulations.
    Perform security controls assessments of third-party providers – assess security architecture, adherence to the requirements, conduct application scanning and results validation
    Document controls gap analysis and risk assessment of the third-party providers
    Review controls exception requests and make risk-based approval decision
    Lead, participate or perform various infrastructure compliance initiatives and projects
    Perform Application Security Testing using (Nessus, IBM App Scan, HP Web Inspect, Fortified on Demand, Qualys, Burp, or Retina)
    Conduct and validate finding discovered during the scans
    Monitor compliance to applicable security policies and standards and report related risk issues
    Manage and administer processes and tools that enable the organization to identify, document, and track third party risks and compliance exceptions

    Conduct assessments of threats and vulnerabilities, determine deviations from acceptable configurations or enterprise or local policy, assess the level of risk, and develop and/or recommend and operationalize appropriate mitigation countermeasures.

    Provide sound advice and recommendations to leadership and staff on a variety of relevant topics within the pertinent subject domain.

    Advocate policy changes and make a case on behalf of the company via a wide range of written and oral work products.

    Oversee the information assurance (IA) program of an information system in or outside the network environment; may include procurement duties.

    Maintaining Goals
    Submits reports in a timely manner, ensuring delivery deadlines are met.
    Promotes the documenting of project progress accurately.
    Provides input and assistance to other teams regarding projects.
    Managing Work, Projects, and Policies
    Manages and implements work and projects as assigned.
    Generates and provides accurate and timely results in the form of reports, presentations, etc.
    Analyzes information and evaluates results to choose the best solution and solve problems.
    Provides timely, accurate, and detailed status reports as requested.
    Demonstrating and Applying Discipline Knowledge
    Provides technical expertise and support to persons inside and outside of the department.
    Demonstrates knowledge of job-relevant issues, products, systems, and processes.
    Demonstrates knowledge of function-specific procedures.
    Keeps up-to-date technically and applies new knowledge to job.
    Uses computers and computer systems (including hardware and software) to enter data and/ or process information.
    Delivering on the Needs of Key Stakeholders
    Understands and meets the needs of key stakeholders.
    Develops specific goals and plans to prioritize, organize, and accomplish work.
    Determines priorities, schedules, plans and necessary resources to ensure completion of any projects on schedule.
    Collaborates with internal partners and stakeholders to support business/initiative strategies
    Communicates concepts in a clear and persuasive manner that is easy to understand.
    Generates and provides accurate and timely results in the form of reports, presentations, etc.
    Demonstrates an understanding of business priorities
    Additional Responsibilities
    Provides information to supervisors and co-workers by telephone, in written form, e-mail, or in person in a timely manner.
    Demonstrates self-confidence, energy and enthusiasm.
    Informs and/or updates leaders on relevant information in a timely manner.
    Manages time effectively and conducts activities in an organized manner.
    Presents ideas, expectations and information in a concise, organized manner.
    Uses problem solving methodology for decision making and follow up.
    Performs other reasonable duties as assigned by manager.

    California Applicants Only:
    The salary range for this position is $96,038.00 to $209,169.00 annually.

    Colorado Applicants Only:
    The salary range for this position is $96,038.00 to $190,154.00 annually.

    Hawaii Applicants Only:
    The salary range for this position is $116,205.00 to $209,169.00 annually.

    New York Applicants Only:
    The salary range for this position is $96,038.00 to $209,169.00 annually.

    Washington Applicants Only:
    The salary range for this position is $96,038.00 to $209,169.00 annually. In addition to the annual salary, the position will be eligible to receive an annual bonus. Employees will accrue PTO balance for every hour worked and eligible to receive minimum of 7 holidays annually.

    All locations offer coverage for medical, dental, vision, health care flexible spending account, dependent care flexible spending account, life insurance, disability insurance, accident insurance, adoption expense reimbursements, paid parental leave, educational assistance, 401(k) plan, stock purchase plan, discounts at Marriott properties, commuter benefits, employee assistance plan, and childcare discounts.

    Benefits are subject to terms and conditions, which may include rules regarding eligibility, enrollment, waiting period, contribution, benefit limits, election changes, benefit exclusions, and others.

    Marriott HQ is committed to a hybrid work environment that enables associates to Be connected.

    Headquarters-based positions are considered hybrid, for candidates within a commuting distance to Bethesda, MD; candidates outside of commuting distance to Bethesda, MD will be considered for Remote positions.

    The application deadline for this position is 28 days after the date of this posting, 4/22/2024.
    Marriott International is an equal opportunity employer. We believe in hiring a diverse workforce and sustaining an inclusive, people-first culture.

    We are committed to non-discrimination on any protected basis, such as disability and veteran status, or any other basis covered under applicable law.

    Marriott International is the world's largest hotel company, with more brands, more hotels and more opportunities for associates to grow and succeed.

    Be

    where you can do your best work,

    begin

    your purpose,

    belong

    to an amazing global team, and

    become

    the best version of you.

    #J-18808-Ljbffr
  • International Game Technology, plc

    Director, Risk Management

    2 weeks ago

    International Game Technology, plc Providence, United States

    IGT's Treasury team is seeking a self-motivated individual to join our fast-paced global team. As Director of Risk Management, you will play an important role and will have an opportunity for future career growth. This position will be based in Provi Risk, Director, Management, I ...

  • IGT

    Director, Risk Management

    2 weeks ago

    IGT Providence, United States

    Director, Risk Management · Location: · Providence, RI, US, 02903 · Requisition ID: 14996 · IGT (NYSE:IGT) is a global leader in gaming. We deliver entertaining and responsible gaming experiences for players across all channels and regulated segments, from Lotteries and Gaming Ma ...

  • IGT

    Director, Risk Management

    1 week ago

    IGT Providence, United States

    IGT (NYSE:IGT) is a global leader in gaming. We deliver entertaining and responsible gaming experiences for players across all channels and regulated segments, from Lotteries and Gaming Machines to Sports Betting and Digital. Leveraging a wealth of compelling content, substantial ...

  • IGT

    Director, Risk Management

    18 hours ago

    IGT Providence, United States

    IGT (NYSE:IGT) is a global leader in gaming. We deliver entertaining and responsible gaming experiences for players across all channels and regulated segments, from Lotteries and Gaming Machines to Sports Betting and Digital. Leveraging a wealth of compelling content, substantial ...

  • IGT

    Director, Risk Management

    1 week ago

    IGT Providence, United States

    IGT (NYSE:IGT) is a global leader in gaming. We deliver entertaining and responsible gaming experiences for players across all channels and regulated segments, from Lotteries and Gaming Machines to Sports Betting and Digital. Leveraging a wealth of compelling content, substantial ...

  • Citizens

    Fair Lending First Line Risk Manager

    1 week ago

    Citizens Westwood, United States

    **Description** · With a focus on fair lending compliance, as a First Line Risk Manager you will represent the First Line of Defense and identify and mitigate potential fair lending and/or UDAAP risks through the identification, management, and mitigation of the risk and control ...

  • Bank of America

    Estate Settlement Officer Iii

    5 days ago

    Bank of America Providence, United States

    At Bank of America, we are guided by a common purpose to help make financial lives better through the power of every connection. Responsible Growth is how we run our company and how we deliver for our clients, teammates, communities and shareholders every day. · One of the keys t ...

  • Next 150 Construction, LLC

    Project Controller

    1 day ago

    Next 150 Construction, LLC Providence, United States

    Overview: · **This position can be located near an U.S. based Gilbane office.** · Are you looking for a highly rewarding opportunity that provides extensive career growth opportunity? Next 150 Construction is seeking a Project Controller to lead all financial administration and f ...

  • Lifespan Risk Services

    Insurance Underwriting Coord

    1 week ago

    Lifespan Risk Services Providence, United States

    SUMMARY: · Lifespan Risk Services (LRS) is organized and operated for the purpose of coordinating insurance administrative loss prevention and claims functions for Lifespan Corporation. Under the supervision of the LRS Director of Insurance and Business Operations position requir ...

  • Lifespan

    Post Doctoral Research Associate

    3 days ago

    Lifespan Providence, United States

    **Responsibilities**: · Under the general supervision of the Principal Investigator, and within established policies and procedures, performs scientific investigative research; participates in the design of' protocols and research directions and develops new procedures to carry o ...

  • AAA Northeast

    Commercial Insurance Customer Service Representative

    3 days ago

    AAA Northeast Providence, United States

    Are you interested in joining a team that is continuously innovating to create the best experiences for members? Would you like to work for a company that has been rated a top employer and best place to work across the Northeast year over year? Do you want to be part of a company ...

  • The Miriam Hospital

    Case Manager

    1 week ago

    The Miriam Hospital Providence, United States

    Summary: · **Summary**: · Reports to the Manager or Director of Case Management. Provides coordinated care support to facilitate and expedite patient care services. Participates in daily rounds and collaborates with the clinical healthcare team across the patient care continuum t ...

  • The Miriam Hospital

    Clinical Practice Leader

    3 days ago

    The Miriam Hospital Providence, United States

    Summary: · Under the general supervision of the Clinical Manager (or designee) and within hospital and departmental policies and procedures the Clinical Practice Leader provides nursing expertise and professional development support to the inpatient units targeting high-risk and ...

  • WCL Group

    Client Representative Wtg Foundations

    3 days ago

    WCL Group Providence, United States

    CLIENT HIGHLIGHT · The Client you will be working for is a Fortune 150 global leader in the Renewable Energy industry. They specialize in Utility Scale Wind and Solar Development. This opportunity will give you experience in the growing Offshore Wind industry in the United States ...

  • CharterCARE Health Partners

    Manager, Diagnostic Imaging

    1 week ago

    CharterCARE Health Partners North Providence, United States

    **Summary**:To serve as the Leader of Diagnostic Imaging, responsible for the staffing, operations, material contracts, communications, and education functions of the Diagnostic Imaging Department. Reports to Director of Diagnostic Imaging. · **Education**: Bachelor degree in bus ...

  • Women & Infants Hospital

    Him Correspondence Specialist 40e

    1 week ago

    Women & Infants Hospital Providence, United States

    **Job Summary**:The Correspondence Specialist is responsible for processing requests for medical information from various internal and external sources. Provides customer service and health information to the requesting party by mail, telephone, fax, and in person. Keeps abreast ...

  • Radiant Digital

    Environmental Technician

    1 day ago

    Radiant Digital Providence, United States

    **Position: Environmental Technician** · **Location: Providence, RI.** · **Contract Term: 4 monthsHours / Week: 35** · **Responsibilities** · - Review data and inventories submitted by water systems to ensure that the submittals align with the data requirements of the State servi ...

  • VINCI Energies

    Client Rep Cables Medior

    1 day ago

    VINCI Energies Providence, United States

    **CLIENT REP CABLES MEDIOR **required by our Client, within the Renewables industry, to be assigned on a Contract basis, located in Rhode Island.*** · **Duration**:12 months · **POSITION SCOPE** · - Rotation: 4 weeks on/off. than the contract start date. · - Scopes of work can in ...

  • UNFI

    Retail Electronic Payments Analyst- Remote

    3 days ago

    UNFI Providence, United States

    Job Overview: · Job Responsibilities: · - Coordinates or leads projects or initiates tasks with relevant team members and stakeholders. · - Manages business interaction and expectations to meet customer and stakeholder requirements · - Resolves and investigates issues with retail ...

  • Coastal Consultants

    Customer Service Rep

    3 days ago

    Coastal Consultants Providence, United States

    An Entry Level Customer Service and Sales Associate is what we call a forward-thinking, service-oriented, incentive-driven, sales powerhouse. They provide an essential function to our customers. Our reps think outside the box to offer solutions and solve problems for our client's ...