Systems Engineer, Messaging

Marriott International-posted 3 months ago
$84,900 - $134,000/Yr
Full-time • Mid Level
Hybrid • Bethesda, MD
5,001-10,000 employees
Accommodation
Resume
Match Score
Upload and Match ResumeTrack Jobs with Teal

Functions as the engineer for Email & Messaging platforms, with primary accountability for Microsoft Exchange, Microsoft Exchange Online, Exchange Online Protection / Microsoft Defender for Office 365, Cisco Secure Email (IronPort/ESA or CES), secure SMTP relay, and hybrid Exchange services. The ideal candidate is a hands-on engineer with excellent communication skills who can design, secure, operate, and continuously improve enterprise mail flow at global scale. This role resolves complex messaging issues, designs and implements security and authentication controls (SPF/DKIM/DMARC), and partners closely with Information Security and Identity teams to protect users against phishing, BEC, malware, and data loss. The engineer contributes to research, analysis, design, implementation, and sustainment of resilient, auditable, and compliant messaging services that meet current and future business and security requirements.

  • Own Exchange Online/EOP/MDO configuration: design, implement, and continuously improve anti-spam/anti-phish/anti-malware policies, Safe Links/Attachments, quarantine workflows, and Automated Investigation & Response (AIR); partner with SOC for incident handling.
  • Operate Cisco Secure Email (IronPort/ESA or CES) where in use: listeners, routing, SMTPAuth, TLS, content filters, outbreak/AV verdicts, SMAs/reporting, and coordinate with Cisco TAC as required.
  • Lead mail-flow modernization: design and execute changes required to transition, optimize, and sustain routing through EOP/Defender; maintain necessary interoperability and fallback paths.
  • Engineer secure SMTP relay: implement authenticated relay patterns for applications/services, onboard senders, define migration waves, and publish requirements; partner with App/Network owners for firewall and testing.
  • Implement & enforce email authentication: deploy SPF/DKIM/DMARC across domains, move to enforcement (p=quarantine/reject) with measurement and false-positive remediation; manage reporting and posture dashboards.
  • Hybrid Exchange operations: maintain HCW, connectors, and coexistence; plan deprecation of legacy features in line with vendor guidance.
  • Telemetry & logging: integrate Defender/EOP/IronPort signals with SIEM; define alerting, runbooks, and SLOs for detection and response; support IPT/controls outcomes for 'Improve Email Logging & Monitoring.'
  • Compliance & eDiscovery: partner with Security/Legal to apply retention, litigation hold, eDiscovery workflows, and DLP/policy hygiene in Purview for email workloads (as needed).
  • Documentation & enablement: keep runbooks current (Exchange/Defender/IronPort), publish KBs, and educate tech and field teams on new features and policy changes.
  • Leads in the evaluation, investigation, and testing of new technologies with other teams.
  • Acts as a Technical Subject Matter Expert for Messaging products and services.
  • Participate in security incident response activities, as needed for Messaging products.
  • Undergraduate degree in an engineering or computer science discipline and/or equivalent experience/certification.
  • 5+ years progressive experience in IT engineering, including 2-4+ years focused on enterprise email/messaging.
  • 2+ years engineering Exchange Online and EOP / Microsoft Defender for Office 365 (policy design, Safe Links/Attachments, Threat Explorer, AIR, quarantine workflows).
  • 2+ years administering Cisco Secure Email (IronPort/ESA or CES): listeners, SMTP Auth, TLS, content filters, DLP, quarantine/SMAs, TAC engagement.
  • Proven ability integrating with Microsoft 365 security tooling, as well as other security tooling such as Splunk, CrowdStrike, Abnormal Security, etc.
  • Messaging security standards expertise with proficiency of new security technologies related to messaging, such as ICES.
  • Demonstrated expertise in mail flow: connectors, accepted/remote domains, transport rules, message tracing, header analysis, and hybrid routing in a large & complex messaging environment.
  • Practical mastery of email authentication (SPF/DKIM/DMARC) design, rollout, and enforcement with reporting/monitoring.
  • Advanced PowerShell for Exchange Online (EXO v3), scripting for policy/config automation; familiarity with Graph API helpful.
  • Experience operating hybrid Exchange (HCW, connectors, auth, coexistence) and modernizing legacy protocols.
  • 2+ years working in Agile delivery (scrum/kanban), with proven user-centered design mindset applied to service hardening and incident response.
  • 2+ years integrating on-prem and cloud services in a large, global enterprise.
  • Excellent written and verbal communication; strong attention to detail and ability to drive outcomes across competing priorities.
  • Demonstrated ability to work independently and in cross-functional initiatives (Security, Identity, Networking, Legal/Compliance).
  • Experience researching and adopting emerging email security capabilities and standards (e.g., MTA-STS/TLS-RPT, BIMI).
  • Seasoned experience with directory/identity (Microsoft Active Directory/Entra ID), modern auth, Conditional Access; Ping/other IdPs a plus.
  • Certifications such as Microsoft 365 Certified: Messaging Administrator Associate; Cisco Secure Email training/certifications preferred.
  • Strong understanding of governance and security policy alignment (e.g., MIP-29 Global Information Security Policy).
  • Experience integrating messaging telemetry with SIEM (e.g., Splunk) and operational dashboards.
  • Medical, dental, vision coverage.
  • Health care flexible spending account.
  • Dependent care flexible spending account.
  • Life insurance.
  • Disability insurance.
  • Accident insurance.
  • Adoption expense reimbursements.
  • Paid parental leave.
  • Educational assistance.
  • 401(k) plan.
  • Stock purchase plan.
  • Discounts at Marriott properties.
  • Commuter benefits.
  • Employee assistance plan.
  • Childcare discounts.
Track Jobs with Teal

Job Search Resources

AI Resume Builder
Systems Engineer Resume Examples
Systems Engineer Cover Letter Examples

Tools

Career Hubs

Guides

Company

© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service