Associate Director, Cloud Security Architect

Jun 6, 2025

KPMG is seeking an Associate Director, Cloud Security Architect to enhance cloud security practices within their Global Information Solution Group. The role involves developing security architectures and conducting assessments to ensure compliance and mitigate risks.

Senior Network Security Engineer

Invalid date

Marriott Senior Network Security Engineer - Cheyenne, Wyoming Schedule: Full-Time Located Remotely? Yes Relocation? No Position Type: Management JOB SUMMARY The Senior Network Security Engineer, Network Site Reliability Engineering (SRE) is the subject matter expert in designing and implementing the Network security strategy and platforms for the next-gen operations for all Marriott International (MI) networks including the Property Networks, Datacenter/Cloud Networks, and Corporate Networks. This role will work closely and collaboratively with a matrix team of expert network architects and engineers to drive adoption of SRE practices and operating models across all network product towers, and around the globe. As the Senior Network Security Engineer, the candidate focuses on defining and executing the zero-trust strategy to prevent unauthorized access to Marriott's network as well as meet stringent compliance requirements. Reporting to the Director of SRE, the engineer will be responsible for articulating and effectively executing a vision to address increasing complexity, scale of modern IT systems, and ensure real-time asset visibility, assessment, remediation, and access control to Marriott services. The successful candidate will be expected to bridge the gap by implementing security strategies and next-gen zero trust solutions to ensure all system components are meeting Marriott network access and security compliance requirements at a granular level. CANDIDATE PROFILE Required Education and Experience: Undergraduate degree in an engineering or computer science discipline and/or equivalent experience/certification 7+ years’ experience in information technology including: 6+ years' experience with network security tools related products Experience in installing, configuring, and troubleshooting zero trust security tools (Forescout NAC, Cisco ISE, Aruba ClearPass or other similar tools) Strong preference for product certifications (Forescout: FSCA or FSAA or FSCE) Expertise in designing and implementing policies in the tools mentioned above Experience with one or more Cloud Computing platforms (e.g. Amazon AWS, Microsoft Azure, Google Compute Engine) Knowledge and experience in wireshark/tcpdump/nmap and related analysis techniques Experience in developing, documenting, and managing the requirements gathering process and provide detailed design and implementation plans to support the requirements throughout the project life cycle Field experience and knowledge of foundational data networking and IP technologies including (ARP, TCP/IP, UDP, DHCP, DNS, NAT and others) Awareness in installing, managing, troubleshooting, and administration of firewall management solutions (Firemon, Palo Alto Panorama, Checkpoint MDS) Understanding of TACACS+, RADIUS Experience in Agile methodologies, daily stand-up meetings, sprint planning sessions, and user story preparations Hands-on experience with common routing and switching platforms (Cisco, Juniper, HP/Aruba etc.) Preferred: Advanced Degree (e.g., MS, PhD) in Computer Science or other technical discipline or MBA, preferably with a focus on technology Experience with managing network security tools in the hospitality industry a plus Experience in leveraging public APIs for developing automation scripts Team player with the ability to collaborate and work with cross-functional teams in multiple time zones Experience in researching emerging technologies and trends, standards, and products and synthesizing into clear technology roadmaps and strategies Strong knowledge of emerging tools, applications, and systems for attaining best-in-class network security posture across the enterprise Excellent problem-solving skills working independently and through leading outcomes for cross-functional teams Excellent understanding of change management, testing requirements, and techniques, to ensure high availability and business readiness of platforms Strong attention to detail with an ability to operate effectively across multiple priorities Ability to perform independently as a member of a team and through cross-functional initiatives Proven track record of driving transformation in network technologies, tools, and processes through a data-driven continuous improvement methodology Demonstrated experience in improving reliability, performance, and agility of complex enterprise networks Strong understanding of network infrastructure automation, instrumentation, and monitoring platforms and the emerging technologies in this area Strong influencing skills and an ability to overcome barriers while driving change Excellent verbal and written communication skills for a wide range of audiences including executives, business stakeholders, and IT teams CORE WORK ACTIVITIES Develop complex global distributed infrastructure security, management, and automation solutions to manage our global network. Lead design, write, and build tools to improve the security posture, availability, and scalability of Datacenter/Cloud Networks, Property Networks, and Corporate Networks. Serve as technical lead for the development of complex global distributed infrastructure security, management, and automation solutions to manage our global network. Serve as technical lead for the design of new cybersecurity tools to help implement zero trust strategy. Collaborate with other Network teams to develop network SRE solutions with a focus on zero trust. Conduct network analysis, configuration management and develop improvements for security compliance, availability, and reliability. Provide program management assistance and contribute input to help manage project schedules, risks, and costs. Manage Network SRE products and solutions, including the design, low-level engineering, and delivery of new security tools across the network. Define and implement an operational Recovery Time Objective (RTO) and Recovery Point Objective (RPO) strategy for all Network Infrastructure areas. Establish management level relationships and partnering with all Business disciplines and other MI teams to define Network SRE Security roadmap, meet service level requirements, and serve as an escalation point to resolve service delivery and operational issues. Drive accountability with strategic sourcing partners, vendors, telco/ISPs, etc., launching and managing Security Improvement initiatives where appropriate. Create functional strategies and specific objectives for the sub-function and contribute to the development of budgets/policies/procedures to support the functional Network SRE security tools, systems, and infrastructure. Perform network troubleshooting and upgrades. Coordinate with local teams and vendors, solve problems and restore services as needed. Foster an environment of continuous improvement and structured processes and procedures that support a zero-fault culture. California Applicants Only: The salary range for this position is $96,038 to $209,169 annually. Colorado Applicants Only: The salary range for this position is $96,038 to $190,154 annually. Hawaii Applicants Only: The salary range for this position is $116,205 to $209,169 annually. New York Applicants Only: The salary range for this position is $96,038 to $209,169 annually. Washington, D.C. Applicants Only: The salary range for this position is $105,641 to $190,154 annually. Washington Applicants Only: The salary range for this position is $96,038 to $209,169 annually. In addition to the annual salary, the position will be eligible to receive an annual bonus. Employees will accrue 0.04616 PTO balance for every hour worked and eligible to receive a minimum of 7 holidays annually. All locations offer coverage for medical, dental, vision, health care flexible spending account, dependent care flexible spending account, life insurance, disability insurance, accident insurance, adoption expense reimbursements, paid parental leave, educational assistance, 401(k) plan, stock purchase plan, discounts at Marriott properties, commuter benefits, employee assistance plan, and childcare discounts. Benefits are subject to terms and conditions, which may include rules regarding eligibility, enrollment, waiting period, contribution, benefit limits, election changes, benefit exclusions, and others. Marriott HQ is committed to a hybrid work environment that enables associates to be connected. Headquarters-based positions are considered hybrid, for candidates within a commuting distance to Bethesda, MD; candidates outside of commuting distance to Bethesda, MD will be considered for Remote positions. The application deadline for this position is 28 days after the date of this posting, July 18, 2024. Marriott International is an equal opportunity employer. We believe in hiring a diverse workforce and sustaining an inclusive, people-first culture. We are committed to non-discrimination on any protected basis, such as disability and veteran status, or any other basis covered under applicable law. Marriott International is the world’s largest hotel company, with more brands, more hotels and more opportunities for associates to grow and succeed. Be where you can do your best work, begin your purpose, belong to an amazing global team, and become the best version of you. #J-18808-Ljbffr

Application Security Engineer - Remote

Invalid date

_Job Seekers can review the Job Applicant Privacy Policy by clicking HERE. ( SUMMARY We seek a highly motivated and experienced Application Security Engineer to join our growing security team. This role is highly technical and candidates must possess a solid understanding of the security and privacy of our company's applications and data. The Application Security Engineer must understand development, coding, security engineering, and secure systems configurations. This position ensures that every step of the software development lifecycle (SDLC) follows security best practices. This involves conducting security assessments with SAST and DAST tools, reading source code, threat modeling, and designing and implementing secure software development practices. They will determine where security vulnerabilities exist and implement fixes. They must understand how an application may be misused and exploited. The Application Security Engineer will collaborate with software development teams and provide guidance on best practices for secure coding. They will also stay up to date on the latest security trends and technologies and integrate them into the organization's security strategy. The ideal candidate will have strong analytical and problem-solving skills, as well as experience in application security and knowledge of programming languages and web technologies. A Bachelor's degree in Computer Science and certifications such as CISSP, OSCP, or CASE are preferred. ESSENTIAL FUNCTIONS Conduct security assessments that require expertise of our organization's applications using both Static Application Security Testing (SAST) and Dynamic Application Security Testing (DAST) methodologies. Collaborate with software development teams to integrate security into the development life cycle. Conduct security assessments of web, mobile, and other applications. Analyze security assessment results to identify security vulnerabilities and provide guidance on remediation. Design and implement secure software development practices, including threat modeling, secure coding standards, and code review. Stay current with security threats, trends, and technologies, and recommend new security controls as needed. Conduct application security investigations and provide recommendations to mitigate risk. Maintain security documentation, provide subject matter expertise, and collaborate on security policies, procedures, and standards. ADDITIONAL RESPONSIBILITIES Performs other duties as assigned. EDUCATION Bachelor's degree in computer science, information security, or a related field EXPERIENCE Five (5) years or more experience with OWASP, SAST, DAST, SCA, RASP and common security tools, required. Seven (7) years or more application security, security engineering, software development, or a related field, required. Five (5) years or more strong understanding of web application security and common attack vectors. (e.g. SQL injection, XSS, CSRF), required. Five (5) years or more experience with secure coding practices, threat modeling, and secure software development life cycle (SDLC) methodologies. required Five (5) years or more proven experience in diagnosing, isolating, resolving complex issues and recommending/implementing strategies to resolve problems, required. Five (5) years or more demonstrated experience with systems integration processes, methodology and tools, required. Seven (7) years or more development and scripting experience, required. Five (5) years or more professional application security role, required. Five (5) years or more experience with API and Web Security, required. Three (3) years or more experience with WAF, or similar application security infrastructure a plus, preferred. Seven (7) years or more experience in integrating security in CI/CD, DevOps, required. Six (6) years or more experience process or operation management Six (6) years or more experience Value Stream Mapping, Continuous Flow, Pull Replenishment and other process improvement experience. SKILLS Excellent communication skills, both verbal and written, and the ability to work effectively with cross-functional teams. Ability to create and maintain professional relationships within all levels of the organization (peers, work groups, customers, supervisors). Ability to work independently and as a member of a team. Flexibility to operate and self-driven to excel in a fast-paced environment. Capable of multi-tasking, highly organized, with excellent time management skills Proficiency in at least one programming language (e.g. Python, .NET, Javascript) with .NET preferred., advanced, required. Proficiency in at least one common scripting language (e.g. PowerShell, bash, etc.), advanced, required. Familiarity of NIST framework, PCI, ISO 27001, SOC, SOX, CCPA, GDPR and global regulations, expert, required. CI/CD experience with Azure Devops, Terraform or other automation and integration technologies, expert, required. Risk management findings, vulnerability prioritization, threat modeling, and mitigation strategy, advanced, required. LICENSES CISSP, OSCP, CASE, or other industry-leading certifications, preferred. TRAVEL 1-10% Applicants from California, Colorado, Hawaii, New Jersey, New York City, and Washington: Salary is determined based on internal equity; internal salary ranges; market data/ranges; applicant’s skills; prior relevant experience; certain degrees or certifications, etc. The salary for this position ranges from $120,000.00 to $150,000.00. Employees may also be eligible to receive an annual bonus, as applicable. Ryder offers comprehensive health and welfare benefits, to include medical, prescription, dental, vision, life insurance and disability insurance options, as well as paid time off for vacation, illness, bereavement, family and parental leave, and a tax advantaged 401(k) retirement savings plan Job Category: Information Security Ryder is proud to be an Equal Opportunity Employer and Drug Free workplace. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, sex, sexual orientation, gender identity, age, status as a protected veteran, among other things, or status as a qualified individual with disability. _Job Seekers can review the Job Applicant Privacy Policy by clicking HERE. ( Current Employees: If you are a current employee at Ryder (not a Contractor or temporary employee through a staffing agency), please click here ( to log in to Workday to apply using the internal application process. #wd