Additional Information
Job Number 25088050
Job Category Information Technology
Location Marriott International HQ, 7750 Wisconsin Avenue, Bethesda, Maryland, United States, 20814
Schedule Full Time
Located Remotely? N
Position Type Management
This is a temporary position.
The Supply Chain Security Analyst will assist in supporting and improving the security of containerized applications and open-source software usage through container image security and software composition analysis (SCA). The ideal candidate will have a strong foundational understanding of application security, a proactive mindset, and knowledge of containerized environments and modern development pipelines. The role is designed to provide hands-on experience in application security within a corporate environment, with a strong focus on learning and development.
CANDIDATE PROFILE
Education and Experience
Required:
Associate's degree in Cybersecurity, Computer Science or related field or equivalent experience/certification
2+ years of information technology experience
Strong understanding of basic programming concepts and principles (interpretation, compilation, loops, control structures, data types)
Basic understanding of security testing methodologies, tools, and approaches
Basic understanding of vulnerability management and risk management
Basic understanding of OWASP Top 10 and its implications to software security
Strong interest in cybersecurity and a willingness to learn on the job
Basic understanding of common software development practices and procedures (version control, testing, patching, CI/CD)
Basic understanding of the Software Development Lifecycle (SDLC)
Proficiency in Microsoft Word, PowerPoint, and Excel
Excellent communication skills.
Preferred:
Bachelor's degree in Cybersecurity, Computer Science, or related field or equivalent experience/certification
Current information security certification, including: GSEC, GSIF, CySA+, Security+, CEH, GRISC, CISA
2+ years of experience in a cybersecurity, DevSecOps, or software security support role
Practical experience with container platforms (e.g., Docker, Kubernetes) and image scanning tools
Basic understanding of CI/CD pipelines and modern development workflows (e.g., Git, Jenkins, GitLab CI)
Experience working in a regulated environment (e.g., finance, healthcare, government)
Experience with conducting risk assessments and developing risk mitigation strategies
Understanding of CVSS scoring and vulnerability management workflows
Strong foundational knowledge of QA testing practices and principles
Strong foundational knowledge of OWASP Top 10
Experience assisting in vendor relationship management
CORE WORK ACTIVITIES
Container Security and Supply Chain Management
Monitor and triage findings from container image scanning tools (e.g., Trivy, Clair, Anchore, Aqua, or Prisma Cloud)
Support the integration and maintenance of SCA tools (e.g., Snyk, Black Duck, WhiteSource, or GitHub Dependabot)
Collaborate with development and DevOps teams to ensure secure use of open-source components
Interpret vulnerabilities, misconfigurations, and associated remediations
Assist in the creation and enforcement of security policies related to containerization and open-source use
Support the triage and resolution of security scanning related issues in CI/CD pipelines
Assist the Senior Manager in vendor relationship management
Assist in monitoring compliance with security standards and regulatory requirements related to container and web application security
Assist in tracking and documenting risk mitigation efforts, ensuring timely resolution of identified issues
Learn and assist in the use of security scanning tools for basic operations
Work closely with development and DevOps teams to integrate risk management practices into the software development lifecycle
Gain exposure to security frameworks and standards, under the mentorship of the Senior Manager
Contribute to the development and maintenance of compliance documentation, including policies, procedures, and control frameworks
Aid in the use of project management tools like JIRA to track tasks and projects
Additional Responsibilities
Informs, updates, and provides information to supervisors, co-workers, and subordinates by telephone, in written form, e-mail, or in person in a timely manner.
Attends and participates in all relevant meetings.
Presents ideas, expectations and information in a concise, organized manner.
Uses problem solving methodology for decision making and follow up.
Maintains positive working relations with internal customers and department managers.
Manages time effectively and conducts activities in an organized manner.
Performs other reasonable duties as assigned by manager.
The pay range for this position is $33.94 to $53.46 per hour.
FLEX opportunities offer coverage for medical, dental, vision, health care flexible spending account, dependent care flexible spending account, life insurance, disability insurance, accident insurance, adoption expense reimbursements, paid parental leave, 401(k) plan, stock purchase plan, discounts at Marriott properties, commuter benefits, employee assistance plan, and childcare discounts. Benefits are subject to terms and conditions, which may include rules regarding eligibility, enrollment, waiting period, contribution, benefit limits, election changes, benefit exclusions, and others.
Marriott HQ is committed to a hybrid work environment that enables associates to Be connected. Headquarters-based positions are considered hybrid, for candidates within a commuting distance to Bethesda, MD.
Marriott International is an equal opportunity employer. We believe in hiring a diverse workforce and sustaining an inclusive, people-first culture. We are committed to non-discrimination on any protected basis, such as disability and veteran status, or any other basis covered under applicable law.
Marriott International is the world's largest hotel company, with more brands, more hotels and more opportunities for associates to grow and succeed. Be where you can do your best work, begin your purpose, belong to an amazing global team, and become the best version of you.