Systems Engineer, Messaging

Required Education & Experience:

• Undergraduate degree in an engineering or computer science discipline and/or equivalent experience/certification 
• 5+ years progressive experience in IT engineering, including 2-4+ years focused on enterprise email/messaging.
• 2+ years engineering Exchange Online and EOP / Microsoft Defender for Office 365 (policy design, Safe Links/Attachments, Threat Explorer, AIR, quarantine workflows).
• 2+ years administering Cisco Secure Email (IronPort/ESA or CES): listeners, SMTP Auth, TLS, content filters, DLP, quarantine/SMAs, TAC engagement.
• Proven ability integrating with Microsoft 365 security tooling, as well as other security tooling such as Splunk, CrowdStrike, Abnormal Security, etc.
• Messaging security standards expertise with proficiency of new security technologies related to messaging, such as ICES
• Demonstrated expertise in mail flow: connectors, accepted/remote domains, transport rules, message tracing, header analysis, and hybrid routing in a large & complex messaging environment.
• Practical mastery of email authentication (SPF/DKIM/DMARC) design, rollout, and enforcement with reporting/monitoring.
• Advanced PowerShell for Exchange Online (EXO v3), scripting for policy/config automation; familiarity with Graph API helpful.
• Experience operating hybrid Exchange (HCW, connectors, auth, coexistence) and modernizing legacy protocols.
• 2+ years working in Agile delivery (scrum/kanban), with proven user-centered design mindset applied to service hardening and incident response.
• 2+ years integrating on-prem and cloud services in a large, global enterprise.

Other Attributes and Preferred Qualifications/Experience:

• Excellent written and verbal communication; strong attention to detail and ability to drive outcomes across competing priorities.
• Demonstrated ability to work independently and in cross-functional initiatives (Security, Identity, Networking, Legal/Compliance).
• Experience researching and adopting emerging email security capabilities and standards (e.g., MTA-STS/TLS-RPT, BIMI).
• Seasoned experience with directory/identity (Microsoft Active Directory/Entra ID), modern auth, Conditional Access; Ping/other IdPs a plus.
• Certifications such as Microsoft 365 Certified: Messaging Administrator Associate; Cisco Secure Email training/certifications preferred.
• Strong understanding of governance and security policy alignment (e.g., MIP-29 Global Information Security Policy).
• Experience integrating messaging telemetry with SIEM (e.g., Splunk) and operational dashboards.

Core Work Activities

• Own Exchange Online/EOP/MDO configuration: design, implement, and continuously improve anti-spam/anti-phish/anti-malware policies, Safe Links/Attachments, quarantine workflows, and Automated Investigation & Response (AIR); partner with SOC for incident handling.
• Operate Cisco Secure Email (IronPort/ESA or CES) where in use: listeners, routing, SMTPAuth, TLS, content filters, outbreak/AV verdicts, SMAs/reporting, and coordinate with Cisco TAC as required.
• Lead mail-flow modernization: design and execute changes required to transition, optimize, and sustain routing through EOP/Defender; maintain necessary interoperability and fallback paths.
• Engineer secure SMTP relay: implement authenticated relay patterns for applications/services, onboard senders, define migration waves, and publish requirements; partner with App/Network owners for firewall and testing.
• Implement & enforce email authentication: deploy SPF/DKIM/DMARC across domains, move to enforcement (p=quarantine/reject) with measurement and false-positive remediation; manage reporting and posture dashboards.
• Hybrid Exchange operations: maintain HCW, connectors, and coexistence; plan deprecation of legacy features in line with vendor guidance.
• Telemetry & logging: integrate Defender/EOP/IronPort signals with SIEM; define alerting, runbooks, and SLOs for detection and response; support IPT/controls outcomes for 'Improve Email Logging & Monitoring.'
• Compliance & eDiscovery: partner with Security/Legal to apply retention, litigation hold, eDiscovery workflows, and DLP/policy hygiene in Purview for email workloads (as needed).
• Documentation & enablement: keep runbooks current (Exchange/Defender/IronPort), publish KBs, and educate tech and field teams on new features and policy changes.
• Leads in the evaluation, investigation, and testing of new technologies with other teams
• Acts as a Technical Subject Matter Expert for Messaging products and services
• Participate in security incident response activities, as needed for Messaging products

Managing Projects and Priorities 

• Thinks creatively and practically to design and execute messaging roadmaps and modernization plans; manages risks, dependencies, and cutovers.
• Generates timely results (designs, RFCs, reports, dashboards) and holds stakeholders to delivery commitments.
• Plans, implements, and evaluates the quality and resiliency of operations with a focus on measurable service outcomes.

Delivering on the Needs of Key Stakeholders 

• Balances security, reliability, and user experience; communicates decisions and trade-offs in clear, persuasive terms.
• Demonstrates strong business acumen; aligns changes to measurable outcomes (reduced phishing risk, improved deliverability, lower toil).
• Supports team/portfolio goals and budget adherence through automation and policy standardization.

Providing Technical Support and Consultation 

• Advises on best practices for mail-flow, authentication, and threat protection; anticipates and resolves complex issues.
• Applies deep knowledge of Exchange Online, EOP/MDO, Cisco Secure Email, and identity to meet business goals and security requirements.
• Keeps current with platform roadmaps and standards; evaluates new capabilities and drives adoption when beneficial.
• Performs other reasonable duties as required for the position.

At Marriott International, we are dedicated to being an equal opportunity employer, welcoming all and providing access to opportunity. We actively foster an environment where the unique backgrounds of our associates are valued and celebrated. Our greatest strength lies in the rich blend of culture, talent, and experiences of our associates.  We are committed to non-discrimination on any protected basis, including disability, veteran status, or other basis protected by applicable law.