Expedia Group brands power global travel for everyone, everywhere. We design cutting-edge tech to make travel smoother and more memorable, and we create groundbreaking solutions for our partners. Our diverse, vibrant, and welcoming community is essential in driving our success.
Why Join Us?
To shape the future of travel, people must come first. Guided by our Values and Leadership Agreements, we foster an open culture where everyone belongs, differences are celebrated and know that when one of us wins, we all win.
We provide a full benefits package, including exciting travel perks, generous time-off, parental leave, a flexible work model (with some pretty cool offices), and career development resources, all to fuel our employees' passion for travel and ensure a rewarding career journey. We’re building a more open world. Join us.
Who we are:
Expedia Group’s Computer Security and Incident Response (CSIRT) Operations team inside the Cyber Defense Center.
Our mission is to detect, investigate, disrupt, contain, and remediate threats in support of the company's information security strategy.
In this role, you will:
Lead a global Security Operations function responsible for continuous monitoring, detection, investigation, and response to security incidents across complex, large-scale environments.
Define and evolve the strategy, processes, and runbooks for security operations, including incident response, threat detection, and vulnerability response, ensuring consistent, high-quality execution.
Build, develop, and mentor a high-performing security operations team, establishing clear goals, operational metrics, and feedback loops to drive operational excellence.
Partner with engineering, infrastructure, and product teams to improve security posture, reduce risk, and embed security controls and automation into core platforms and services.
Own and refine security operations technologies, including SIEM, SOAR, endpoint and network security tools, ensuring they are tuned, scalable, and aligned to threat landscape and business needs.
Safely integrate and operate AI/MLenabled solutions that improve detection, triage, and response outcomes, demonstrating familiarity with AI-driven systems, tools, or workflows and applying AI/ML concepts to real world products.
Minimum Qualifications:
Bachelor’s degree in Computer Science, Information Security, Engineering, or a related technical field, or equivalent practical experience.
Extensive experience in security operations, including hands-on incident response, threat detection, and security monitoring in large-scale, complex environments.
Proven experience managing and leading security operations teams with clear ownership over multi-service or domain-level security operations capabilities.
Strong technical expertise in security operations tooling and practices, such as SIEM, SOAR, endpoint protection, network security monitoring, and log analysis.
Demonstrated ability to define, implement, and continuously improve operational processes, metrics, and automation to enhance security posture and incident response effectiveness.
Preferred Qualifications:
Experience operating a 24x7 global security operations function at scale, including service reliability, on-call practices, and continuous improvement of detection and response.
Track record of leading cross-functional incident response for high-severity security events, including executive communication, root cause analysis, and long-term remediation.
Depth in designing and optimizing security operations architectures, including log pipelines, detection engineering frameworks, and automation workflows across multiple platforms.
Proven ability to drive data-driven decision making within security operations, leveraging metrics, trends, and threat intelligence to prioritize investments and improve controls.
Practical experience integrating AI/ML capabilities into security operations (for example, for anomaly detection, alert triage, or automated response), and safely operating AI/ML-enabled solutions that improve security outcomes.
Accommodation requests
If you need assistance with any part of the application or recruiting process due to a disability, or other physical or mental health conditions, please reach out to our Recruiting Accommodations Team through the Accommodation Request.
We are proud to be named as a Best Place to Work on Glassdoor in 2024 and be recognized for award-winning culture by organizations like Forbes, TIME, Disability:IN, and others.
Expedia Group's family of brands includes: Brand Expedia®, Hotels.com®, Expedia® Partner Solutions, Vrbo®, trivago®, Orbitz®, Travelocity®, Hotwire®, Wotif®, ebookers®, CheapTickets®, Expedia Group™ Media Solutions, Expedia Local Expert®, CarRentals.com™, and Expedia Cruises™. © 2024 Expedia, Inc. All rights reserved. Trademarks and logos are the property of their respective owners. CST: 2029030-50
Employment opportunities and job offers at Expedia Group will always come from Expedia Group’s Talent Acquisition and hiring teams. Never provide sensitive, personal information to someone unless you’re confident who the recipient is. Expedia Group does not extend job offers via email or any other messaging tools to individuals with whom we have not made prior contact. Our email domain is @expediagroup.com. The official website to find and apply for job openings at Expedia Group is careers.expediagroup.com/jobs.
Expedia is committed to creating an inclusive work environment with a diverse workforce. All qualified applicants will receive consideration for employment without regard to race, religion, gender, sexual orientation, national origin, disability or age.