Marriott Vacations Worldwide Director of Cybersecurity & Incident Response in Orlando, Florida
Are you ready to grow your dream career while making others' vacation dreams come true? Marriott Vacations Worldwide is a world premier organization for Vacation Ownership with resorts at destinations around the globe. Join our team and help deliver unforgettable experiences that make vacation dreams come true.
As a member of the professional staff, contributes a high level of specialized knowledge and skill in a discipline (e.g. Accounting, Finance, Human Resources, Information Technology, Operations Planning & Support, Sales & Marketing) area to support department and/or function objectives. Generally works with considerable independence, developing operating plans and related operational processes for own department and monitoring the flow of work between own department and others in alignment with broader business objectives, selecting and developing effective managers and work teams, and managing own organization through reliable systems and processes.
The Director of Incident Response will lead our global security monitoring and incident response program, developing, managing, and building a high performing team of currently seven to ten security professionals that will bring an innovating and effective information security breach detection and response capabilities to Marriott Vacations Worldwide (MVW). Reporting to the VP of Global Information Security/CISO, this role will re-design our monitoring and response function, combining two legacy teams as part of the larger security program integration and development effort.
As a key member of the Information Security leadership team, this role will be instrumental in designing, building and leading a world class security incident response function. The Director will innovate with exceptional freedom to bring advanced techniques such as automation and machine learning to deliver a truly cutting-edge detection and response capability. Primary functions overseen by this role include security monitoring, threat management, incident response, and digital forensics. This position also oversees operations of the Security Operations Center (SOC), threat hunting, and digital forensic activities.
- Develops operating plans and workable business processes for own department in alignment with function strategy.
- Manages larger business processes and/or projects, setting priorities and measurable objectives, monitoring and reporting on the process, progress and results. Typically influences work of cross-functional or extended teams.
- Responds to, solves and makes decisions on business requests that have broader department impact and/or moderate risk. Presents alternative solutions to business issues by leveraging the broader organization.
Works to enhance the organization's capabilities through effective staffing and development of others by:
anticipating staffing requirements by comparing business needs with strengths and weaknesses of existing staff.
using appropriate MVW interviewing tools to hire the best managers available from inside or outside.
setting and maintaining high standards for team and individual performance.
providing timely coaching and feedback.
making and rewarding distinctions in performance.
Assists more senior associates in achieving business results by:
acting in a consultative fashion to implement programs impacting the broader organization.
assisting in the development and communication of broader organizational goals.
achieving results against budget within scope of responsibility.
taking calculated risks to move the department or team forward.
developing and using systems to organize and keep track of information.
balancing the interests of own group with the interests of the organization.
working with others to identify and remove barriers to success.
Readily critiques own behavior to acknowledge mistakes and improve future leadership performance and acts independently to improve and increase skills and knowledge.
- Performs other duties as appropriate.
Specific Expected Contributions
Security Incident Response Strategy
Track, access and review current on new and emerging Information Technology (IT) techniques, tools and technologies
Develop and deliver short and near-term road maps for Information Security Incident Response program development, in concert with overall security, IT, and business road maps
Build and present business cases for new and enhanced IT capabilities to reduce the company's risk profile
Oversees information security monitoring and threat detection capabilities that include:
Monitors for, detects, and contains security incidents
Threat management including threat intelligence
Performing proactive threat hunting using advanced techniques
Maintains, operates, and runs security incident response processes
Maintains an effective set of policies and procedures for incident response, including playbooks
Trains and educated Company on incident response process, including simulations and table top exercises
Continuously captured lessons learned and improves procedures through collaboration with business functions and data breach response team
Digital Forensic Services
Maintain forensically sounds practices and procedures in incident detection and response
Select, implement, and maintain tools, technologies, and skills to perform all work to highest standards
Provides internal digital forensics services to business units as needed, including Legal and HR
Works to enhance the organization's capabilities through effective staffing and development of others
Provides guidance and coaching to achieve IT's objectives
Establish clear, achievable goals and monitors performance utilizing the Leadership Performance Management process
Leads, develops, motivates and manages team to create an engaged workforce
Successful candidates should possess knowledge and experience and demonstrate strong leadership and relationship skills as follows:
Generally a professional position requiring significant knowledge and experience in one or more disciplines and/or business operations as well as associate management experience. College degree and/or relevant experience generally required.
- Four-year degree in Computer Science, computer Engineering, or similar preferred or related business degree
- 15+years of progressive and relevant experience working in Information Technology
- 10+ years progressive experience in information security, with focus on forensics and incident response
- Financial services, critical infrastructure, or related industry experience preferred
- 5 + years' experience in a management and leadership role; demonstrated success leading and developing a team of professionals
- History of consistently delivering business results
Knowledge and Skills
- Strong strategic planning and management skills
- Deep Information Technology and Information Security knowledge
- Conceptual thinking and advanced problem solving
- Strong Business Acumen and service orientation
- Strong leader of people -- ability to create a compelling vision, demonstrate flexibility in approach; and motivate others to achieve desired results
- Worked in team environment
- Demonstrated vertical and horizontal interaction skills
- Ability to present complex material in manner appropriate to the audience
- Able to work in a matrix organization, partnering with resources to achieve results through others
Marriott Vacations Worldwide is an equal opportunity employer committed to hiring a diverse workforce and sustaining an inclusive culture.
Equal Opportunity Employer Minorities/Women/Protected Veterans/Disabled