*Relocation Assistance Provided
Job Title: AVP, Cyber Security Operations
Generic Position Summary
As a member of the professional staff, contributes specialized knowledge and skill in a discipline (e.g., Accounting, Finance, Human Resources, Information Technology, Operations Planning & Support, Sales & Marketing) area to support team and/or department business objectives.
Generally, works under limited supervision, but within established guidelines, producing and analyzing more complex business information to assist in the decision-making process.
Specific Job Summary
The AVP, Cyber Security Operations will be responsible for leading the design, implementation, and continuous enhancement of the organization’s security operations capabilities. This role will focus on developing a Security Operations Center (SOC) that ensures proactive monitoring, threat detection, and swift incident response to safeguard the organization’s critical infrastructure and digital assets. The individual will be tasked with establishing a robust threat intelligence program that integrates real-time threat data, analysis, and strategic insights to anticipate emerging risks and inform decision-making. A key aspect of this role is creating and nurturing operational processes that allow the SOC to function seamlessly across complex, hybrid environments, including cloud and on-premises systems.
This leader will be responsible for managing advanced security tools such as SIEM, SOAR, EDR, and threat intelligence platforms, and will leverage these tools to automate workflows, improve incident response times, and drive threat analysis. The role will ensure that security operations are continuously evolving to meet the latest threat landscapes, using an intelligence-driven approach to preemptively mitigate risks. The individual will be instrumental in driving the organization’s security incident management framework, ensuring effective resolution, reporting, and post-incident reviews that contribute to future risk mitigation.
Additionally, the position collaborates closely with business and IT leaders to ensure that security operations are aligned with organizational goals and risk management strategies. This role will also involve working with regulatory and compliance teams to ensure adherence to industry standards, data protection regulations, and cybersecurity best practices.
Generic Expected Contributions
Contributes to team, department, and/or business results by performing complex quantitative and qualitative analysis for business processes and/or projects. Often manages small projects, business processes or parts of larger ones.
Responds to, solves, and makes decisions on more complex/non-routine business requests with limited to moderate risk.
Assists more senior associates in achieving business results by:
identifying opportunities to enhance the effectiveness of business processes.
participating in setting department operating plans.
achieving results against budget within scope of responsibility.
Demonstrates an awareness of personal strengths and areas for improvement and acts independently to improve and increase skills and knowledge.
Performs other duties as appropriate.
Specific Expected Contributions
SOC Leadership and Optimization: Leads the continuous improvement and optimization of the Security Operations Center (SOC) to ensure that it is capable of effectively detecting and responding to both external and internal threats. This includes refining SOC processes, tools, and workflows to ensure operational efficiency and responsiveness to security incidents across hybrid environments.
Threat Intelligence Integration: Develops and operationalizes a comprehensive threat intelligence program that enhances situational awareness and empowers the SOC with actionable insights. This includes integrating external threat intelligence feeds, leveraging internal threat data, and fostering collaboration with industry groups and threat-sharing communities to stay ahead of emerging threats.
Incident Response Management: Oversees the development and execution of incident response plans, ensuring they are tested, documented, and continuously improved. Leads high-impact incident response efforts, coordinating with relevant stakeholders to contain, remediate, and recover from security incidents. Ensures post-incident reviews are conducted to identify gaps and improve the organization’s overall security posture.
Security Automation and Orchestration: Spearheads the integration of automation and orchestration tools, such as Security Orchestration, Automation, and Response (SOAR) platforms, to streamline and accelerate security operations. Focuses on automating repetitive tasks, improving response times, and reducing manual effort to increase operational efficiency within the SOC.
Security Metrics and Reporting: Establishes key performance indicators (KPIs) and metrics to measure the effectiveness of the security operations function. Provides regular updates and executive reporting on security operations performance, including threat detection, incident response timelines, and overall security posture. Uses data to drive improvements and ensure alignment with the organization’s risk management strategy.
Cross-functional Collaboration: Works closely with technology, legal, compliance, privacy, and business leadership to ensure that security operations are aligned with overall business objectives and regulatory requirements. Facilitates the integration of security considerations into all aspects of the organization’s technology infrastructure and processes.
Team Development and Mentorship: Fosters a high-performance culture within the security operations team through mentorship, training, and leadership. Supports career development and skills growth for team members, ensuring they are equipped with the latest knowledge and tools to handle evolving threats. Builds a culture of continuous learning to keep the team ahead of the curve in security operations and threat management.
Risk and Compliance Alignment: Ensures that the security operations function meets relevant regulatory requirements and aligns with industry standards (e.g., NIST, ISO 27001, GDPR). Works with compliance and legal teams to ensure that incident response efforts, threat intelligence, and SOC activities support the organization’s broader compliance goals.
Technology and Tool Selection: Evaluates, selects, and implements security technologies that support the security operations program. This includes SIEM, EDR, threat intelligence platforms, and other tools that enhance detection, monitoring, and response capabilities. Ensures these tools are integrated seamlessly into the organization’s broader security architecture.
Generic Candidate Profile
Successful candidates should possess knowledge, experience, and demonstrate leadership skills as follows:
Generally, a professional position with specific knowledge in a discipline (e.g., Accounting, Human Resources, Information Resources). College degree and/or relevant experience typically required.
Specific Candidate Profile
Education
Bachelor of Science (BS) degree that is technology based in information technology, engineering, computer science, or statistical/math sciences required.
Master’s degree, e.g., MBA or in Computer Science, preferred.
Certifications Preferred
Advanced certifications such as CISSP, CISM, GIAC (e.g., GCIA, GCFA, GCIH), or CEH preferred.
Experience
At least ten years of progressive experience in relevant Information Security positions.
At least six years of experience in a security engineering role or a similar position or having equivalent skills and experience
Proven experience managing hybrid SOCs (in-house and MSSPs), and leading global or enterprise-scale security operations.
Demonstrated expertise with tools and technologies such as SIEM, SOAR, EDR, and threat intelligence platforms.
Experience managing incidents and crises in dynamic environments.
Skills/Attributes
Deep understanding of incident response methodologies, threat detection, and forensics practices.
Expertise in modern IT architectures, including hybrid cloud environments, containers, and APIs.
Strong knowledge of security frameworks and standards (e.g., NIST CSF, MITRE ATT&CK, ISO 27001).
Exceptional analytical and critical thinking skills with the ability to make critical decisions under pressure.
Strong leadership, collaboration, and interpersonal skills, with the ability to influence at all levels of the organization.
Effective communicator with the ability to translate complex technical details into actionable insights for diverse audiences.
Ability to develop and mentor security operations teams, fostering a culture of continuous learning, skill development, and high-performance standards to stay ahead of evolving threats.
Marriott Vacations Worldwide is an equal opportunity employer committed to hiring a diverse workforce and sustaining an inclusive culture.
Take the first step in charting your own course by joining our Talent Network. It’s the best way to stay informed and receive alerts for exciting jobs that may be perfect for you.
