Systems Engineer, Messaging
Company: Marriott Hotels Resorts
Location: Bethesda
Posted on: April 2, 2026
|
|
|
Job Description:
Description JOB SUMMARY Functions as the engineer for Email &
Messaging platforms, with primary accountability for Microsoft
Exchange, Microsoft Exchange Online, Exchange Online Protection /
Microsoft Defender for Office 365, Cisco Secure Email (IronPort/ESA
or CES), secure SMTP relay, and hybrid Exchange services. The ideal
candidate is a hands-on engineer with excellent communication
skills who can design, secure, operate, and continuously improve
enterprise mail flow at global scale. This role resolves complex
messaging issues, designs and implements security and
authentication controls (SPF/DKIM/DMARC), and partners closely with
Information Security and Identity teams to protect users against
phishing, BEC, malware, and data loss. The engineer contributes to
research, analysis, design, implementation, and sustainment of
resilient, auditable, and compliant messaging services that meet
current and future business and security requirements. Required
Education & Experience: Undergraduate degree in an engineering or
computer science discipline and/or equivalent
experience/certification 5 years progressive experience in IT
engineering, including 2-4 years focused on enterprise
email/messaging. 2 years engineering Exchange Online and EOP /
Microsoft Defender for Office 365 (policy design, Safe
Links/Attachments, Threat Explorer, AIR, quarantine workflows). 2
years administering Cisco Secure Email (IronPort/ESA or CES):
listeners, SMTP Auth, TLS, content filters, DLP, quarantine/SMAs,
TAC engagement. Proven ability integrating with Microsoft 365
security tooling, as well as other security tooling such as Splunk,
CrowdStrike, Abnormal Security, etc. Messaging security standards
expertise with proficiency of new security technologies related to
messaging, such as ICES Demonstrated expertise in mail flow:
connectors, accepted/remote domains, transport rules, message
tracing, header analysis, and hybrid routing in a large & complex
messaging environment. Practical mastery of email authentication
(SPF/DKIM/DMARC) design, rollout, and enforcement with
reporting/monitoring. Advanced PowerShell for Exchange Online (EXO
v3), scripting for policy/config automation; familiarity with Graph
API helpful. Experience operating hybrid Exchange (HCW, connectors,
auth, coexistence) and modernizing legacy protocols. 2 years
working in Agile delivery (scrum/kanban), with proven user-centered
design mindset applied to service hardening and incident response.
2 years integrating on-prem and cloud services in a large, global
enterprise. Other Attributes and Preferred
Qualifications/Experience: Excellent written and verbal
communication; strong attention to detail and ability to drive
outcomes across competing priorities. Demonstrated ability to work
independently and in cross-functional initiatives (Security,
Identity, Networking, Legal/Compliance). Experience researching and
adopting emerging email security capabilities and standards (e.g.,
MTA-STS/TLS-RPT, BIMI). Seasoned experience with directory/identity
(Microsoft Active Directory/Entra ID), modern auth, Conditional
Access; Ping/other IdPs a plus. Certifications such as Microsoft
365 Certified: Messaging Administrator Associate; Cisco Secure
Email training/certifications preferred. Strong understanding of
governance and security policy alignment (e.g., MIP-29 Global
Information Security Policy). Experience integrating messaging
telemetry with SIEM (e.g., Splunk) and operational dashboards. Core
Work Activities Own Exchange Online/EOP/MDO configuration: design,
implement, and continuously improve
anti-spam/anti-phish/anti-malware policies, Safe Links/Attachments,
quarantine workflows, and Automated Investigation & Response (AIR);
partner with SOC for incident handling. Operate Cisco Secure Email
(IronPort/ESA or CES) where in use: listeners, routing, SMTPAuth,
TLS, content filters, outbreak/AV verdicts, SMAs/reporting, and
coordinate with Cisco TAC as required. Lead mail-flow
modernization: design and execute changes required to transition,
optimize, and sustain routing through EOP/Defender; maintain
necessary interoperability and fallback paths. Engineer secure SMTP
relay: implement authenticated relay patterns for
applications/services, onboard senders, define migration waves, and
publish requirements; partner with App/Network owners for firewall
and testing. Implement & enforce email authentication: deploy
SPF/DKIM/DMARC across domains, move to enforcement
(p=quarantine/reject) with measurement and false-positive
remediation; manage reporting and posture dashboards. Hybrid
Exchange operations: maintain HCW, connectors, and coexistence;
plan deprecation of legacy features in line with vendor guidance.
Telemetry & logging: integrate Defender/EOP/IronPort signals with
SIEM; define alerting, runbooks, and SLOs for detection and
response; support IPT/controls outcomes for 'Improve Email Logging
& Monitoring.' Compliance & eDiscovery: partner with Security/Legal
to apply retention, litigation hold, eDiscovery workflows, and
DLP/policy hygiene in Purview for email workloads (as needed).
Documentation & enablement: keep runbooks current
(Exchange/Defender/IronPort), publish KBs, and educate tech and
field teams on new features and policy changes. Leads in the
evaluation, investigation, and testing of new technologies with
other teams Acts as a Technical Subject Matter Expert for Messaging
products and services Participate in security incident response
activities, as needed for Messaging products Managing Projects and
Priorities Thinks creatively and practically to design and execute
messaging roadmaps and modernization plans; manages risks,
dependencies, and cutovers. Generates timely results (designs,
RFCs, reports, dashboards) and holds stakeholders to delivery
commitments. Plans, implements, and evaluates the quality and
resiliency of operations with a focus on measurable service
outcomes. Delivering on the Needs of Key Stakeholders Balances
security, reliability, and user experience; communicates decisions
and trade-offs in clear, persuasive terms. Demonstrates strong
business acumen; aligns changes to measurable outcomes (reduced
phishing risk, improved deliverability, lower toil). Supports
team/portfolio goals and budget adherence through automation and
policy standardization. Providing Technical Support and
Consultation Advises on best practices for mail-flow,
authentication, and threat protection; anticipates and resolves
complex issues. Applies deep knowledge of Exchange Online, EOP/MDO,
Cisco Secure Email, and identity to meet business goals and
security requirements. Keeps current with platform roadmaps and
standards; evaluates new capabilities and drives adoption when
beneficial. Performs other reasonable duties as required for the
position. At Marriott International, we are dedicated to being an
equal opportunity employer, welcoming all and providing access to
opportunity. We actively foster an environment where the unique
backgrounds of our associates are valued and celebrated. Our
greatest strength lies in the rich blend of culture, talent, and
experiences of our associates. We are committed to
non-discrimination on any protected basis, including disability,
veteran status, or other basis protected by applicable law.
Keywords: Marriott Hotels Resorts, Bethesda , Systems Engineer, Messaging, IT / Software / Systems , Bethesda, Maryland
