AVP, Information Security Engineering

**Relocation Assistance Available**

Position Summary

As a member of the professional staff, contributes specialized knowledge and skill in a discipline (e.g., Accounting, Finance, Human Resources, Inventory, Revenue Management, Information Resources, Operations Planning & Support, Sales & Marketing) area to support team and/or department business objectives. Generally, works under limited supervision, but within established guidelines, producing and analyzing more complex business information to assist in the decision-making process.

Business Context

Marriott Vacations Worldwide (MVW) is a leading global vacation company that offers vacation ownership, exchange, rental and resort and property management, along with related businesses, products, and services. The Company has over 120 vacation ownership resorts and approximately 700,000 owner families in a diverse portfolio that includes some of the most iconic vacation ownership brands. The Company also operates exchange networks and membership programs comprised of nearly 3,200 affiliated resorts in over 90 countries and territories, as well as provides management services to other resorts and lodging properties.

As a leader and innovator in the vacation ownership industry, the Company upholds the highest standards of excellence in serving its customers, investors and associates while maintaining exclusive, long-term relationships with Marriott International, Inc. and Hyatt Hotels Corporation for the development, sales and marketing of vacation ownership products and services.

The vision of MVW is to strive to build long-lasting relationships with their Owners, Members, customers, and associates to help them live their lives to the fullest. Innovation. Integrity. Excellence. This is the story of MVW. And while the company spans brands and businesses, decades and continents, their shared inspiration continues to drive them forward: delivering unforgettable experiences that make vacation dreams come true.

Global Technology Context

The Global Technology (GT) team at Marriott Vacations Worldwide (MVW) is on a multi-year journey to modernize technical and digital products and platforms across all business lines. This role demands a visionary leader with a technical understanding of the range of resort operations technical products in solving complex business challenges. Proven success as a leader in recruiting, developing, and retaining technical talent on high performing teams is required. The incumbent is a proven thought leader, a consensus builder, and an integrator of people, processes, and technology.

Specific Job Summary

The AVP, Information Security Engineering, reporting to the VP of Information Security Architecture, will help lead the overall strategy, planning, evaluation & implementation of the entire Information Security Operations and Engineering stack. The individual in this role will significantly contribute to the direction and oversight into the Information Security Engineering and Operations functions across the MVW enterprise, including areas such as developing, enforcing, and implementing information security standards to all MVW business and Customer data.

This leader will require expert knowledge in modern Information Security Engineering solutions and approaches, highly technical and able to communicate information security concerns both vertically and horizontally information security issues. This role will review risk evaluations, audits, and security incident investigations, and present information to senior leadership as needed.

The position leads designing, specifying, and selecting business application information security solutions, considering functionality, data, security, privacy, interoperability, scalability, and performance for the most advanced IT architectures. This position will directly contribute to the overall global enterprise cloud architecture and lead the security vision and strategy around business focused Information Security Engineering.

Expected Contributions

• Contributes to team, department, and/or business results by performing complex quantitative and qualitative analysis for business processes and/or projects. Often manages small projects, business processes or parts of larger ones.
• Responds to, solves, and makes decisions on more complex/non-routine business requests with limited to moderate risk.
• Assists more senior associates in achieving business results by:
  • identifying opportunities to enhance the effectiveness of business processes
  • participating in setting department operating plans.
  • achieving results against budget within scope of responsibility.
• Demonstrates an awareness of personal strengths and areas for improvement and acts independently to improve and increase skills and knowledge.
• Performs other duties as appropriate.

Specific Expected Contributions

• Ensures high availability, quality, and fit for purpose of information security tools and technologies, as well as internal processes for servicing customers.
• Protects IT infrastructure, edge devices, networks, and data as well as prevents data breaches and responds to cyber-attacks.
• Identifies and addresses issues related to Information Security tools, technologies, and processes supporting Information Security team performance.
• Provides technical leadership for the integration of Information Security systems.
• Ensures alignment between Information Security standards and business objectives.
• Develops and maintaining Information Security policies, procedures, and standards.
• Works with stakeholders to understand their Information Security requirements and translating them into technical specifications.
• Performs audits ensuring that systems follow established Information Security standards and policies.
• Provides support and guidance to team members regarding Information Security.
• Ensures that Information Security systems are updated regularly and remain secure against potential threats.
• Documenting Information Security strategies and systems for future reference and review.
• Participates on significant application development projects to design secure architectures and ensure developed systems align with MVW security strategy and policy.
• Maintains security architecture documentation, including architecture frameworks, design patterns, logical and physical diagrams, and standards.
• Enhances Security team capabilities by mentoring more junior team members.
• Acquires threat intelligence and technical indicators from external sources.
• Champions information security principles and best practices on key customer feature development projects to help design secure architectures and ensure developed systems align with MVW security strategy and policy.
• Leads the definition and methodology for ensuring applications and processes are fully integrated with our digital & service delivery platforms.
• Ensures that company developed, as well as third-party applications adhere to security best practices and principles, as well as design mitigation solutions for applications to meet these standards.
• Creates security architecture documentation, including architecture frameworks, patterns, and standards.
• Partners with leaders across our Information Security and Data Privacy organization, as well as other organization leads.
• Works directly with peers and/or third parties to provide mitigations and strategic solutions to solve major application security hurdles by evaluating business strategies and requirements
• Studies architecture/platform, identifying integration issues and preparing cost estimates.
• Performs other duties as assigned.

Candidate Profile

Successful candidates should possess knowledge and experience and demonstrate leadership skills as follows:

Generally, a professional position with specific knowledge in a discipline (e.g., Accounting, Human Resources, Information Technology). College degree and/or relevant experience typically required.

Specific Candidate Profile

Education

• Bachelor's degree in computer science, Information Technology, or related discipline or equivalent work experience.
• Master's degree in information security or related discipline preferred.

Certifications Preferred

• Technical security and/or other security risk management certification (for example: CISSP, CRISC, CISM, CCSP, SANS) preferred.

Experience

• At least 10 years progressive experience in relevant Information Security discipline.
• At least 8 years of experience in Information Security.
• Proven experience managing mid to large sized Information Security Engineering shops (at or greater than 50,000 users)
• Experience with one or more of the following: ISO 27001, NIST, CIS standards, or SOC 2 Controls
• Experience with AWS and Microsoft Azure/Entra ID

Skills and Attributes

• Exceptional critical thinking skills and thought leadership with the ability to comprehend complex problems, draw logical conclusions, make sound decisions, develop solutions, and negotiate and respond accordingly to drive closure of complex challenges.
• Proven track record and experience in developing comprehensive security solutions that meet the objectives of excellence in a dynamic environment.
• Strong demonstrated knowledge of enterprise IT systems, cloud solutions and security technologies.
• Ability to communicate complex messages in a simple, clear, and concise manner to the various IT and non-IT teams.
• Broad and diverse experience across cybersecurity strategy, operations, security architecture, and cloud security.
• Demonstrated technical proficiency in applying cybersecurity controls.
• Ability to oversee and execute highly complex, cross-organizational initiatives.
• Ability to engage executive level stakeholders on complex matters with limited oversight and guidance.
• Ability to think strategically and tactically, with effective decision-making skills.
• Relevant Cybersecurity Certification(s) (CISSP, CISA, CIAM, etc.).
• Strong organization skills with demonstrable planning and time management capabilities.
• Have experience driving projects and owning problems within a security environment.
• Ability to communicate complex messages in a simple, clear, and concise manner to the various IT and non-IT teams
• Strong organization skills with demonstrable planning and time management capabilities
• Have solid understanding of the main tenets of information security, data privacy, & risk

Marriott Vacations Worldwide is an equal opportunity employer committed to hiring a diverse workforce and sustaining an inclusive culture.

Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.

**Relocation Assistance Available**

Position Summary

As a member of the professional staff, contributes specialized knowledge and skill in a discipline (e.g., Accounting, Finance, Human Resources, Inventory, Revenue Management, Information Resources, Operations Planning & Support, Sales & Marketing) area to support team and/or department business objectives. Generally, works under limited supervision, but within established guidelines, producing and analyzing more complex business information to assist in the decision-making process.

Business Context

Marriott Vacations Worldwide (MVW) is a leading global vacation company that offers vacation ownership, exchange, rental and resort and property management, along with related businesses, products, and services. The Company has over 120 vacation ownership resorts and approximately 700,000 owner families in a diverse portfolio that includes some of the most iconic vacation ownership brands. The Company also operates exchange networks and membership programs comprised of nearly 3,200 affiliated resorts in over 90 countries and territories, as well as provides management services to other resorts and lodging properties.

As a leader and innovator in the vacation ownership industry, the Company upholds the highest standards of excellence in serving its customers, investors and associates while maintaining exclusive, long-term relationships with Marriott International, Inc. and Hyatt Hotels Corporation for the development, sales and marketing of vacation ownership products and services.

The vision of MVW is to strive to build long-lasting relationships with their Owners, Members, customers, and associates to help them live their lives to the fullest. Innovation. Integrity. Excellence. This is the story of MVW. And while the company spans brands and businesses, decades and continents, their shared inspiration continues to drive them forward: delivering unforgettable experiences that make vacation dreams come true.

Global Technology Context

The Global Technology (GT) team at Marriott Vacations Worldwide (MVW) is on a multi-year journey to modernize technical and digital products and platforms across all business lines. This role demands a visionary leader with a technical understanding of the range of resort operations technical products in solving complex business challenges. Proven success as a leader in recruiting, developing, and retaining technical talent on high performing teams is required. The incumbent is a proven thought leader, a consensus builder, and an integrator of people, processes, and technology.

Specific Job Summary

The AVP, Information Security Engineering, reporting to the VP of Information Security Architecture, will help lead the overall strategy, planning, evaluation & implementation of the entire Information Security Operations and Engineering stack. The individual in this role will significantly contribute to the direction and oversight into the Information Security Engineering and Operations functions across the MVW enterprise, including areas such as developing, enforcing, and implementing information security standards to all MVW business and Customer data.

This leader will require expert knowledge in modern Information Security Engineering solutions and approaches, highly technical and able to communicate information security concerns both vertically and horizontally information security issues. This role will review risk evaluations, audits, and security incident investigations, and present information to senior leadership as needed.

The position leads designing, specifying, and selecting business application information security solutions, considering functionality, data, security, privacy, interoperability, scalability, and performance for the most advanced IT architectures. This position will directly contribute to the overall global enterprise cloud architecture and lead the security vision and strategy around business focused Information Security Engineering.

Expected Contributions

• Contributes to team, department, and/or business results by performing complex quantitative and qualitative analysis for business processes and/or projects. Often manages small projects, business processes or parts of larger ones.
• Responds to, solves, and makes decisions on more complex/non-routine business requests with limited to moderate risk.
• Assists more senior associates in achieving business results by:
  • identifying opportunities to enhance the effectiveness of business processes
  • participating in setting department operating plans.
  • achieving results against budget within scope of responsibility.
• Demonstrates an awareness of personal strengths and areas for improvement and acts independently to improve and increase skills and knowledge.
• Performs other duties as appropriate.

Specific Expected Contributions

• Ensures high availability, quality, and fit for purpose of information security tools and technologies, as well as internal processes for servicing customers.
• Protects IT infrastructure, edge devices, networks, and data as well as prevents data breaches and responds to cyber-attacks.
• Identifies and addresses issues related to Information Security tools, technologies, and processes supporting Information Security team performance.
• Provides technical leadership for the integration of Information Security systems.
• Ensures alignment between Information Security standards and business objectives.
• Develops and maintaining Information Security policies, procedures, and standards.
• Works with stakeholders to understand their Information Security requirements and translating them into technical specifications.
• Performs audits ensuring that systems follow established Information Security standards and policies.
• Provides support and guidance to team members regarding Information Security.
• Ensures that Information Security systems are updated regularly and remain secure against potential threats.
• Documenting Information Security strategies and systems for future reference and review.
• Participates on significant application development projects to design secure architectures and ensure developed systems align with MVW security strategy and policy.
• Maintains security architecture documentation, including architecture frameworks, design patterns, logical and physical diagrams, and standards.
• Enhances Security team capabilities by mentoring more junior team members.
• Acquires threat intelligence and technical indicators from external sources.
• Champions information security principles and best practices on key customer feature development projects to help design secure architectures and ensure developed systems align with MVW security strategy and policy.
• Leads the definition and methodology for ensuring applications and processes are fully integrated with our digital & service delivery platforms.
• Ensures that company developed, as well as third-party applications adhere to security best practices and principles, as well as design mitigation solutions for applications to meet these standards.
• Creates security architecture documentation, including architecture frameworks, patterns, and standards.
• Partners with leaders across our Information Security and Data Privacy organization, as well as other organization leads.
• Works directly with peers and/or third parties to provide mitigations and strategic solutions to solve major application security hurdles by evaluating business strategies and requirements
• Studies architecture/platform, identifying integration issues and preparing cost estimates.
• Performs other duties as assigned.

Candidate Profile

Successful candidates should possess knowledge and experience and demonstrate leadership skills as follows:

Generally, a professional position with specific knowledge in a discipline (e.g., Accounting, Human Resources, Information Technology). College degree and/or relevant experience typically required.

Specific Candidate Profile

Education

• Bachelor's degree in computer science, Information Technology, or related discipline or equivalent work experience.
• Master's degree in information security or related discipline preferred.

Certifications Preferred

• Technical security and/or other security risk management certification (for example: CISSP, CRISC, CISM, CCSP, SANS) preferred.

Experience

• At least 10 years progressive experience in relevant Information Security discipline.
• At least 8 years of experience in Information Security.
• Proven experience managing mid to large sized Information Security Engineering shops (at or greater than 50,000 users)
• Experience with one or more of the following: ISO 27001, NIST, CIS standards, or SOC 2 Controls
• Experience with AWS and Microsoft Azure/Entra ID

Skills and Attributes

• Exceptional critical thinking skills and thought leadership with the ability to comprehend complex problems, draw logical conclusions, make sound decisions, develop solutions, and negotiate and respond accordingly to drive closure of complex challenges.
• Proven track record and experience in developing comprehensive security solutions that meet the objectives of excellence in a dynamic environment.
• Strong demonstrated knowledge of enterprise IT systems, cloud solutions and security technologies.
• Ability to communicate complex messages in a simple, clear, and concise manner to the various IT and non-IT teams.
• Broad and diverse experience across cybersecurity strategy, operations, security architecture, and cloud security.
• Demonstrated technical proficiency in applying cybersecurity controls.
• Ability to oversee and execute highly complex, cross-organizational initiatives.
• Ability to engage executive level stakeholders on complex matters with limited oversight and guidance.
• Ability to think strategically and tactically, with effective decision-making skills.
• Relevant Cybersecurity Certification(s) (CISSP, CISA, CIAM, etc.).
• Strong organization skills with demonstrable planning and time management capabilities.
• Have experience driving projects and owning problems within a security environment.
• Ability to communicate complex messages in a simple, clear, and concise manner to the various IT and non-IT teams
• Strong organization skills with demonstrable planning and time management capabilities
• Have solid understanding of the main tenets of information security, data privacy, & risk

Marriott Vacations Worldwide is an equal opportunity employer committed to hiring a diverse workforce and sustaining an inclusive culture.

Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.