Expedia Group brands power global travel for everyone, everywhere. We design cutting-edge tech to make travel smoother and more memorable, and we create groundbreaking solutions for our partners. Our diverse, vibrant, and welcoming community is essential in driving our success.
Why Join Us?
To shape the future of travel, people must come first. Guided by our Values and Leadership Agreements, we foster an open culture where everyone belongs, differences are celebrated and know that when one of us wins, we all win.
We provide a full benefits package, including exciting travel perks, generous time-off, parental leave, a flexible work model (with some pretty cool offices), and career development resources, all to fuel our employees' passion for travel and ensure a rewarding career journey. We’re building a more open world. Join us.
Role Summary
Ensuring shift health and respond to escalations as a part of the follow the sun 24/7 operating model. This role will perform advanced cybersecurity investigations for security event alerts across a numerous technologies and brands from phishing alerts: identity, cloud, EDR, network, UEBA, API, WAF, user and other team reported events.
A subject matter expert (SME) by understanding market trends and influencing team practices, demonstrating advanced cybersecurity (vulnerability management, threat hunting, specialization areas like pen testing), advanced networking (MPLS/GRE tunnels, BGP, VPN deployment), advanced system administration (system installation/configuration, virtual infrastructure, production issue troubleshooting), intermediate understanding of application layers (web, backend, streaming apps), and intermediate scripting (complex, clean, well-commented scripts in Python, PowerShell).
In this role, you will:
- Perform advanced level of security investigation on the following areas: application security, cloud security, data security, network security, and perimeter security
- Analyze security signals, threat intelligence, and vulnerability data to detect, investigate, and remediate security issues, driving long-term risk reduction through automation and scalable solutions.
- Provide in-depth knowledge of cyber-attack analysis and cyber kill-chain framework
- Gather data and drill down to root cause analysis, ability to recommend effective courses of containment, remediation, and communicate to the various levels in the organization
- Suggest improvements to current Security Detection practices and procedures
- Flexibility as the position will require shifts to cover 24x7 follow the sun in line with US and APAC operations.
- Responsible for responding immediately to security issues ensuring alignment to SLAs and driving resolution and mitigation
Minimum Qualifications:
- Bachelor’s degree in Computer Science, Information Security, or a related technical field, or equivalent practical experience in security engineering.
- Several years of hands-on experience in security engineering, including building or operating security tooling, services, or platforms within complex, distributed systems.
- Proven experience owning the security posture of one or more services or platforms, including responsibility for implementing controls, monitoring, and remediation within that scope.
- Strong technical proficiency in at least one programming or scripting language, with experience applying secure coding practices, working with APIs, and understanding data models in modern software architectures.
- Familiarity with AI-driven systems, tools, or workflows and applying AI/ML concepts to real world products.
Preferred Qualifications:
- Experience leading shifts in a security operations center or CISRT
- Demonstrated success leading security initiatives or projects end to end, such as rolling out new security controls, detection capabilities, or automation across multiple teams or services.
- Depth in one or more security domains such as application security, infrastructure security, identity and access management, detection engineering, or vulnerability management, with a track record of measurable risk reduction.
- Cybersecurity certifications such as SANS or CISSP
- Experience applying data-driven approaches to prioritize security work, tune detections, and improve operational excellence, including defining metrics and feedback loops for continuous improvement.
Accommodation requests
If you need assistance with any part of the application or recruiting process due to a disability, or other physical or mental health conditions, please reach out to our Recruiting Accommodations Team through the Accommodation Request.
We are proud to be named as a Best Place to Work on Glassdoor in 2024 and be recognized for award-winning culture by organizations like Forbes, TIME, Disability:IN, and others.
Expedia Group's family of brands includes: Brand Expedia®, Hotels.com®, Expedia® Partner Solutions, Vrbo®, trivago®, Orbitz®, Travelocity®, Hotwire®, Wotif®, ebookers®, CheapTickets®, Expedia Group™ Media Solutions, Expedia Local Expert®, CarRentals.com™, and Expedia Cruises™. © 2024 Expedia, Inc. All rights reserved. Trademarks and logos are the property of their respective owners. CST: 2029030-50
Employment opportunities and job offers at Expedia Group will always come from Expedia Group’s Talent Acquisition and hiring teams. Never provide sensitive, personal information to someone unless you’re confident who the recipient is. Expedia Group does not extend job offers via email or any other messaging tools to individuals with whom we have not made prior contact. Our email domain is @expediagroup.com. The official website to find and apply for job openings at Expedia Group is careers.expediagroup.com/jobs.
Expedia is committed to creating an inclusive work environment with a diverse workforce. All qualified applicants will receive consideration for employment without regard to race, religion, gender, sexual orientation, national origin, disability or age.