Security Engineer – PKI – Marriott International HQ – USA


Job Number 20023980
Job Category Information Technology
Location Marriott International HQ| 10400 Fernwood Road| Bethesda|
Maryland| United States
Brand Corporate
Schedule Full-time
Relocation? No
Position Type Management

Start Your Journey With Us
Marriott International is the world’s largest hotel company| with more brands|
more hotels and more opportunities for associates to grow and succeed. We
believe a great career is a journey of discovery and exploration. So| we ask|
where will your journey take you?


This position serves as a Public Key Infrastructure (PKI) subject matter
expert for the Global Information Security division. It focuses on the
administration| operation| upgrade and support of the on-premise & on-cloud
Entrust Certification Authorities (CA)| the on-cloud Entrust Public CA (ECS)|
and the on-cloud KeyFactor Command tool. The position’s other duties include
certificate provisioning| troubleshooting certificate installation and
configuration| documenting current and new PKI processes| and monitoring the
PKI ServiceNow request queue. The position works with other PKI experts to
fulfill PKI objectives| assignments| and projects. The position shares
rotational on-call duties. The candidate shall be experienced with creating
specifications (e.g. requirements) and testing software for accuracy and
reliability. The candidate must be customer service friendly| and performs
well both individually and in a team environment.


Education and Experience


Bachelor’s degree in Computer Sciences or related field or equivalent experience / certification
3+ years of experience in the PKI management including SSL certificate lifecycle managements| expiration communications| and troubleshooting| as well as PKI management process improvements
3+ years of experience supporting and managing Entrust PKI solutions (e.g. Security Manager [SM]| AutoEnrollment Server [AES]| Enrollment Server for Web [ESW]| and Entrust Entelligence Service Provider for Windows [ESPW])
3+ years of experience administrating Windows| Linux| IIS| Apache| and Tomcat


Current information security certification| including Certified Information Systems Security Professional (CISSP)| Certified Information Security Manager (CISM)| Certified SCADA Security Architect (CSSA) or Certified Secure Software Lifecycle Professional (CSSLP).
Good knowledge of current industry standard for security systems software and protocols
Good knowledge of networking principles and protocols
Experience with KeyFactor Command Tool
Proven knowledge of software evaluation principles and testing practices
Excellent understanding of change management and testing requirements| techniques| and tools
2+ years of experience designing and management of Entrust on-premise and cloud PKI solutions
2+ years of experience designing and management of Entrust cryptography analysis
4+ years of experience supporting system and application owners who use SSL certificates
2+ years of experience in researching emerging technologies and trends| standards| and products
2+ years of experience doing business analysis and requirements gathering for complex business systems
2+ years of experience with .Net and PowerShell scripting


Manage the lifecycle of SSL certificates including issue| renewal and termination of SSL certificates for the enterprise
Manage the notification and escalation process for certificated due to expire
Interface with vendors that provide security / encryption related services
Participate in defining and developing the strategic plan for SSL for the enterprise
Lead the definition and implementation of POCs around SSL| KMS and other certificate related technologies
Ensure 24×7 uptime of the SSL services
Apply expert-level knowledge of SSL technologies to design and develop solutions to address customer problems
Participate in the continuous improvements of the PKI management processes and technology solutions
Apply a thorough understanding of the basics of IP networks and their workings (e.g. DNS| Security| IP Routing| HTTP| VPN)
Document requirements| designs| user manuals| security procedures| and operation reports
Lead stakeholders in creation of test cases for the verifying software| hardware and / or services on their security controls| integration| and performance characteristics
Assist in the integration of software products within the security environment in order to effectively support and improve the ongoing architecture of the enterprise’s security applications
Design security solutions to adequately address risks throughout the Marriott SDLC process and confirm that the level of risk is acceptable in accordance with Marriott’s policies
Coordination of system changes which effect various security environments
Validate / audit changes in the production security infrastructure
Attend change control board meetings and disseminate information to the application owners and technical teams
Assist with the identification and remediation of security events
Perform daily system monitoring| verify the integrity and availability of hardware| server resources| systems and key process