Senior Manager, Risk Management and Compliance

Marriott, Bethesda, MD
2d, Hybrid

About The Position

The Senior Manager, Risk Management & Compliance is a strategic leader responsible for strengthening Marriott’s Global Technology governance, driving timely closure of security and compliance issues, and ensuring consistent risk‑management execution across application and infrastructure teams. This role provides oversight, direction, and accountability to ensure technology services operate securely, regulatory and policy obligations are met, and risks are identified and remediated before they impact the business. You will play a critical role in maturing GT’s audit, compliance, and controls discipline—ensuring teams are ready for internal and external assessments, accelerating remediation of findings, and reinforcing operational rigor across the technology landscape. Responsibilities include guiding process owners on internal control best practices, validating control readiness, monitoring and reporting audit and security findings, and leveraging automation and analytics to drive issue closure and improve compliance performance. This role champions a proactive risk‑management mindset by identifying emerging risks, advising on required controls, ensuring consistent adoption across GT, and promoting governance practices that prevent financial, operational, and reputational harm. The ideal candidate combines strong leadership with a solution‑oriented approach to eliminate ambiguity, influence cross-functional teams, and drive measurable improvements in security and compliance outcomes.

Requirements

  • Undergraduate degree in Business, IT, Cybersecurity, Data Analytics, or related discipline—or equivalent experience/certification.
  • At least 7 years of IT leadership experience, demonstrating deep technical understanding and strong stakeholder engagement skills, including:
  • 5+ years in IT infrastructure risk, governance, audit, and compliance across legacy and cloud environments.
  • 3+ years leading audits, compliance programs, and remediation efforts, with a strong track record of driving timely issue closure.
  • Experience designing, evaluating, and advising on IT and cybersecurity controls for both cloud and on‑premises technologies.
  • Experience automating governance, evidence collection, reporting, or control testing.
  • At least one professional certification (CISA, CRISC, CISSP, or equivalent).
  • Demonstrated success collaborating across cross‑functional, sourced, or matrixed teams to drive accountability.
  • Strong analytical, problem‑solving, and prioritization skills in high‑pressure environments.
  • Excellent verbal and written communication skills, with the ability to influence application, infrastructure, and senior leadership stakeholders.

Nice To Haves

  • Graduate degree in a technical discipline.
  • Hands‑on experience with enterprise GRC, DevSecOps, and cybersecurity platforms (e.g., ServiceNow, Jira, Confluence, Splunk, CrowdStrike).
  • Experience managing or contributing to complex portfolios or programs.
  • Familiarity with Scaled Agile Framework (SAFe) environments.
  • Strong data analytics skills (e.g., Power BI) for metrics, dashboards, and BI‑driven insights.

Responsibilities

  • Audit and Compliance Oversight and Delivery
  • Issue Management & Remediation Leadership
  • Maturing Risk Management & Compliance Operations
  • Audit Readiness, Execution & Advisory
  • Stakeholder Coordination & Governance Engagement
  • Metrics, Analytics & Reporting
  • Project Management & Strategic Prioritization

Benefits

  • 401(k) plan
  • stock purchase plan
  • discounts at Marriott properties
  • commuter benefits
  • employee assistance plan
  • childcare discounts
  • coverage for medical, dental, vision, health care flexible spending account, dependent care flexible spending account, life insurance, disability insurance, accident insurance, adoption expense reimbursements, and paid parental leave