This site uses cookies
By continuing to browse this website you're agreeing to our use of cookies.
Find out more
This position just got filled, but there are more IT & Technology jobs at Marriott Worldwide

Sr. Security Engineer - SOAR

Marriott Worldwide


Sr. Security Engineer - SOAR

Job Description

Posting Date Jan 12, 2022
Job Number 21127011
Job Category Information Technology
Location Marriott International HQ, 10400 Fernwood Road, Bethesda, Maryland, United States VIEW ON MAP
Brand Corporate
Schedule Full-Time
Relocation? N
Position Type Management
Located Remotely? N

Marriott International is the world’s largest hotel company, with more brands, more hotels and more opportunities for associates to grow and succeed.  We believe a great career is a journey of discovery and exploration.  So, we ask, where will your journey take you?


Serves as a Security Orchestration and Automated Response (SOAR) engineer responsible for design, development and implementation of automations that accelerate functions within Marriott Global Information Security (GIS).  Collaborates with the Security Operations Center (SOC), Cyber Incident Response Team (CIRT) and other functions within GIS to identify inefficient and manual processes that would benefit from automation.  Leads security automation playbook development from requirements collection through to implementation.


Education and Experience


  • Bachelor’s degree in Computer Sciences or related field or equivalent experience/certification
  • 7+ years Information Technology experience including
    • 2+ years of development experience in the following:
      • Focused development using Security Orchestration and Automated Response (SOAR) platforms
      • Scripting or programming using Python in a security operations capacity
    • 5+ years of information technology experience, including some or all of the following:
      • Experience working in or with security functions such as SOC, CIRT, security engineering, risk management, vulnerability management.
      • Technical infrastructure operations, administration, or engineering
      • Application or software development
      • Agile methodology

Preferred Skills/Experience:

  • Current information security certifications, such as: Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA) or Certified Information Systems Security Professional (CISSP)
  • Development experience on Splunk Phantom SOAR platform
  • Splunk skills: search, report and dashboard creation
  • Broad exposure to a wide range of IT security technologies
  • Development project management
  • Good written and verbal communication skills and problem-solving ability
  • Familiar with security operations centers and incident response work

What You’ll Be Doing

  • Working in Splunk’s Phantom SOAR platform to develop security automation playbooks.
  • Meet with GIS teams to identify areas or functions that may benefit from automation.
  • Catalogue and review any identified security automation use cases with stakeholders to facilitate prioritization with a focus on cyber security risk reduction through efficiency (i.e., time saved, improved response and remediation times).
  • Lead automation use case/playbook design sessions with stakeholders to map requirements to pseudo-code in flow charts, noting integration requirements and all processes, decision points and outcomes for sign-off prior to development.
  • Develop automation playbooks using either out-of-the-box (or custom) integrations and functions as outlined in the automation process design.
  • Collaborate with Security Information and Event Management (SIEM) content developers as needed to support automation integrations and workflows for security personnel.
  • Develop or update security automation metrics to highlight improvements in efficiency.
  • Additional responsibilities:
    • Occasionally participates in the evaluation and selection of security service products pertaining to security automation.
    • Supports analysis of technology industry and market trends to determine their potential impact on security automation architecture.
    • Supports life cycle management of the SOAR platform, integrations and related components.
    • Consults with project, architecture and other engineering teams to identify when it is necessary to modify infrastructure and security services to accommodate automation project needs.
    • Participates in architecture design and analysis work related to security automation.
    • Supports, implements and promotes standard configuration and change management, processes and practices.

At Marriott, we are committed to putting our associates first and their health and safety are our highest priorities.  This position requires associates to be fully vaccinated for COVID-19 per current CDC standards or approved for a medical or religious accommodation.

Marriott International is an equal opportunity employer. We believe in hiring a diverse workforce and sustaining an inclusive, people-first culture. We are committed to non-discrimination on any protected basis, such as disability and veteran status, or any other basis covered under applicable law.


Job type
Bethesda, MD, United States
IT & Technology
Starting in
As soon as possible
Contract duration