Search 17,560 current hospitality jobs

Director, Cyber Incident Response

Posted March 22, 2021

Marriott International
Bethesda, MD

About This Job


Marriott International is the world’s largest hospitality company with over 7,000+ properties operating across 30 brands in 131 countries and territories and has earned the trust of millions of guests to help them connect, experience, and expand their world.

As part of the Global Information Security organization, the Marriott Cyber Incident Response Team (CIRT) provides industry-leading response with hands-on analysis using a variety of tools and methodologies to help identify, respond, mitigate, and protect against threats to our corporate environment, hotel properties, and guests. Our world class incident responders are able to resolve security incidents quickly and efficiently at scale to reduce to the impact of security events and incidents, including investigation, containment, and eradication.

Do you want to lead a team of insanely bright cybersecurity responders? Can you think like an attacker or understand the operational security controls needed to detect, remediate, and prevent compromises? Does the idea of sitting in the command seat to some of the most interesting threats in the world excite you? Marriott is seeking a Director of Cyber Incident Response who will lead the team that provides 24x7x365 incident response activities for the world’s most renowned travel company. The successful candidate will have a winning combination of strong leadership abilities, hands-on technical experience, and an eagerness to build a world class incident response organization. You must be comfortable leading teams on challenging engagements, communicating with senior executives, providing hands-on assistance with incident response activities, and creating and presenting high-quality deliverables.

Required Experience & Education:

·       8+ years of information technology leadership experience includes:

    • Knowledge of cyber threats, attack tools, techniques and procedures, and containment and remediation strategies
    • Knowledge of security controls and incident response in a multi-platform environment including on-prem and cloud
    • Experience in security technologies (i.e., Incident Case Management, SIEM, SOAR, EDR, Intrusion Prevention, Digital Forensics)

·       Direct management of cross functional, sourced, or matrixed teams

·       3+ years directing/managing a global 24x7 Security Operations Center (SOC) and/or Cyber Incident Response Team where you have also d defined, measured and reported on incident response KPIs

·       Bachelor’s degree in Computer Sciences or related field or equivalent experience/certification

·       Ability to work in a 24x7 cross-functional operational environment with global presence

Other/Preferred Qualifications:

·       Ability to effectively collaborate and work in a remote environment

·       Effectively communicate investigative findings to technical staff, executive leadership, legal counsel, and other stakeholders

·       Develop documentation that explains technical details in a clear, concise, and repeatable manner

·       Ability to balance multiple activities and lead dotted-lined resources as needed

·       Experience preparing and reviewing statement of work (SOW), as well as reviewing and providing guidance on contractual agreements for third-party security engagements and vendors

·       Experience responding to cyber events in the hospitality sector and/or public cloud environments such as AWS, Azure, Google Cloud, etc.


·       Partner closely with the CIRT Director in Singapore to manage various cyber incident response engagements for a 24x7x365 operational model

·       Serve as the point person on cyber incident response engagements by providing subject matter expertise and project management experience

  • Collaborate with and provide direction to the Tier 1 Security Operations Center (MSSP)
  • Maintain technical documentation including standard operating procedures and incident response processes/procedures
  • Identify opportunities to automate incident response processes and optimize infrastructure security controls

·       Drive operational excellence by defining, leading and delivering cyber incident response processes and procedures

·       Develop and present comprehensive reports for both technical, executive, and non-security stakeholder audiences

·       Implement strategic projects and initiatives that advance the maturity and capability of the Incident Response team

·       Develop and manage career progression for both technical and leadership tracks on the CIRT team

Human and Financial Capital Management

·       Establish, motivate, and lead a high-performing CIRT team; attracts, recruits, and retains key members of the department.

·       Facilitate a team and culture that creates defined career paths and advancement opportunities throughout the organization.

Cultivate a High-Performing Team

·       Create a compelling vision, clear direction and strategy for the team.

·       Generate enthusiasm and understanding of the Department vision and how each role contributes to the achievement of that vision.

·       Ensure capabilities are developed and resources are aligned to support the strategy.

·       Attract, motivate, develop and retain highly skilled staff; champion and model leadership development.

·       Create and sustain a work environment that drives associate engagement and enables business success.

·       Ensure appropriate processes are in place and executed to drive collaboration and alignment within the team and with the broader IT organization.

·       Serve as a role model and ensure all information security leaders are visible and effective partners with IT counterparts, broader Marriott stakeholders, and service providers.

·       Demonstrate extensive Operational and Support experience with strong ITIL alignment

Marriott International is an equal opportunity employer. We believe in hiring a diverse workforce and sustaining an inclusive, people-first culture. We are committed to non-discrimination on any protected basis, such as disability and veteran status, or any other basis covered under applicable law.

About this Employer

Marriott International

10400 Fernwood Rd.
Bethesda, MD 20817

(301) 380-3000

Corporate Office

Follow us:

What Does it Mean to Be a Marriott International Associate?

It means feeling the power of belonging. We feel it each and every day. It comes from being recognized. It comes from knowing Marriott International sees talent in each of us. And, it comes from working together, as a family, to make our guests feel as much at home as we do. It's why so many of our associates come for a job, but stay for a career.


  • Marriott's managers and leaders take a personal interest in each associate
  • Marriott offers resources and support so associates have what they need to develop to their full potential
  • Marriott is committed to hiring a diverse workforce and sustaining an inclusive culture


  • A work environment that is a "home away from home" for many associates, where co-workers are also friends
  • Service is what sets Marriott apart with our guests, so Marriott associates are empowered to go the extra mile, do the job right, and deliver exceptional guest experiences
  • Working for Marriott gives associates a sense of pride and dignity, where they are empowered to deliver their personal best, every day, for every guest and each other

What Sets Us Apart?

We believe our strength is rooted in our five core values:

  • Putting people first
  • Pursuing excellence
  • Embracing change
  • Acting with integrity, and
  • Serving our world

These values are our legacy and our future. As we pursue our vision of making Marriott the #1 travel company in the world, we never lose sight of our founding principles and our proud heritage. We are constantly innovating and evolving, but we'll always stay true to who we are, because we believe the way we do business is as important as the business we do.