Senior Manager, Information Security (Vendor Security Risk)
On-site · Bethesda, Maryland, United States
Job Summary
Senior Manager, Information Security (Vendor Security Risk) oversees third-party risk assessments and vendor controls, supports the broader security program, and collaborates with stakeholders across IT and business units to secure Marriott information and assets. Responsibilities include evaluating vendor control environments, documenting risk findings, managing vendor relationships, leading risk assessments, ensuring compliance with security policies and standards, and communicating risk to leadership. Requires strong communication, governance of security policy/procedures, and experience with security controls, cloud/SaaS providers, and industry frameworks (OWASP Top 10, SANS 25).
Required Qualifications
- Bachelor’s degree in Information Systems or related field or equivalent experience/certification
- 7+ years of information technology leadership experience including implementing, managing and governing security policies
- 3+ years direct work experience in third-party Risk Management
- One or more current information security certifications such as CRISC, CISM, CISA or CISSP
Apply with one swipe on Sorce. We auto-fill applications and apply on your behalf — no cover letters, no 40-minute forms.
Hiring someone like this?
Get your role in front of qualified candidates on Sorce.