Job Number 24150916

Job Category Information Technology

Location Marriott International HQ, 7750 Wisconsin Avenue, Bethesda, Maryland, United States

Schedule Full-Time

Located Remotely? Y

Relocation? N

Position Type Management

JOB SUMMARY

The Application Security Analyst will assist in monitoring and assessing the security of web applications under the guidance of the Senior Application Security Manager. This role involves supporting the enforcement of security standards, participating in application security risk assessments, and aiding in the documentation and remediation tracking processes. The role is designed to provide hands-on experience in application security within a corporate environment, with a strong focus on learning and development.

CANDIDATE PROFILE

Education and Experience

Required Education and Experience:

• Bachelor’s degree in Cybersecurity, Computer Science or related field or equivalent experience/certification

• 2+ years of information technology experience

Desired Capabilities and Experiences

• Strong understanding of basic programming concepts and principals (interpretation, compilation, loops, control structures, data types)

• Basic understanding of security testing methodologies, tools, and approaches

• Basic understanding of OWASP Top 10 and its implications to software security

• Basic understanding of common software development practices and procedures (version control, testing, patching, CI/CD)

• Basic understanding of the Software Development Lifecycle (SDLC).

• Proficiency in Microsoft Word, PowerPoint, and Excel

• Excellent communication skills.

• Strong interest in cybersecurity and a willingness to learn on the job.

• Current information security certification, including: GSEC, GSIF, CySA+, Security+, CEH, GRISC, CISA

• Experience in software development (front end or backend developer)

• Experience with software security testing

• Experience working in a regulated environment (e.g., finance, healthcare, government).

• Experience with conducting risk assessments and developing risk mitigation strategies.

• Solid understanding ofGitHub operations (e.g., cloning, branching, merging, pull requests, issues)

CORE WORK ACTIVITIES

Application Security Risk Management & Tracking

• Assist in monitoring compliance with security standards and regulatory requirements related to web application security.

• Assist in tracking and documenting risk mitigation efforts, ensuring timely resolution of identified issues.

• Support the Senior Manager in tracking and documenting application security risks and remediation efforts.

• Learn and assist in the use of security tools such as GitHub Advanced Security for basic operations (e.g. Tracking & Reporting Issues).

• Work closely with development teams to integrate risk management practices into the software development lifecycle.

• Gain exposure to security frameworks and standards such as OWASP, under the mentorship of the Senior Manager.

• Contribute to the development and maintenance of compliance documentation, including policies, procedures, and control frameworks.

• Aid in the use of project management tools like JIRA to track tasks and projects.

• Work closely with the Application Security Testing team to understand findings, their relevance and potential impact.

• Conduct basic vulnerability research under the guidance of the Senior Manager.

• File tickets with development and security teams, monitor ticket flow, volume, and remediation activities.

• Participate in audits and assessments to evaluate compliance with internal policies and external regulations.

• Review Security Researcher findings through the company Bug Bounty program and pursue remediation when issues are validated.

Managing Work, Projects, and Policies

• Coordinates and implements work and projects as assigned.

• Complies with Federal and State laws applying to procedures.

• Generates and provides accurate and timely results in the form of reports, presentations, etc.

• Analyzes information and evaluates results to choose the best solution and solve problems.

• Manages the flow of questions and directs questions.

Supporting Operations

• Works with team to put sustainable work processes and systems in place that support the execution of the strategy.

• Establishes and maintains complete and up-to-date information to ensure accurate reporting.

• Represents team in resolving situations.

• Maintains and manages inventory and service operations.

Additional Responsibilities

• Informs, updates, and provides information to supervisors, co-workers, and subordinates by telephone, in written form, e-mail, or in person in a timely manner.

• Attends and participates in all relevant meetings.

• Presents ideas, expectations and information in a concise, organized manner.

• Uses problem solving methodology for decision making and follow up.

• Maintains positive working relations with internal customers and department managers.

• Manages time effectively and conducts activities in an organized manner.

• Performs other reasonable duties as assigned by manager.

The salary range for this position is $63,150 to $115,775 annually. In addition to the annual salary, the position will be eligible to receive an annual bonus.

Washington Applicants Only: Employees will accrue 0.04616 PTO balance for every hour worked and eligible to receive minimum of 7 holidays annually.

All locations offer coverage for medical, dental, vision, health care flexible spending account, dependent care flexible spending account, life insurance, disability insurance, accident insurance, adoption expense reimbursements, paid parental leave, educational assistance, 401(k) plan, stock purchase plan, discounts at Marriott properties, commuter benefits, employee assistance plan, and childcare discounts. Benefits are subject to terms and conditions, which may include rules regarding eligibility, enrollment, waiting period, contribution, benefit limits, election changes, benefit exclusions, and others.

Marriott HQ is committed to a hybrid work environment that enables associates to Be connected. Headquarters-based positions are considered hybrid, for candidates within a commuting distance to Bethesda, MD; candidates outside of commuting distance to Bethesda, MD will be considered for Remote positions.

The application deadline for this position is 28 days after the date of this posting, August 28, 2024.

Marriott International is an equal opportunity employer. We believe in hiring a diverse workforce and sustaining an inclusive, people-first culture. We are committed to non-discrimination on any protected basis, such as disability and veteran status, or any other basis covered under applicable law.

Marriott International is the world’s largest hotel company, with more brands, more hotels and more opportunities for associates to grow and succeed. Be where you can do your best work,​ begin your purpose, belong to an amazing global​ team, and become the best version of you.