We Are the World's Travel Platform

Come along on our journey to
bring the world within reach

View my profile

Security Compliance Manager, PCI

United States - Washington - Seattle

APPLY NOW
Expedia

Expedia Group’s security posture is one of our Platform and Marketplace’s top priorities and a key foundation for our platform transformation. We are in search of a Technical and PCI experienced Security Compliance Manager who has worked in a regulated environment. Do you understand cloud operational and security processes, optimally build, establish and communicate security controls, and support changes within the organization through effective development and testing?

Consider being a part of our Security team of professionals.

To be successful, you'll be organized, inventive, and possess domain knowledge on security compliance. You will be a key member of our GRC team and play a key role in building controls adherence to the security and Payment Card Industry (PCI) requirements. In this role, you will demonstrate ability to analyze hard problems and provide pragmatic solutions and recommendations. Along with your knowledge of PCI, your experience in NIST CSF, ISO 27001, ISO 27018, FedRAMP, PCI, SSAE 18, or SOC 2 will be an asset!

What you'll do

  • Evaluate the design efficiency of common controls based upon industry standard methodology models (e.g. COBIT, ITIL) in accordance with compliance requirements
  • Participate in external certification and drive our partner audit events, including preparation, sample delivery, and onsite facilitation
  • Assist in the analysis and definition of security requirements and help with ongoing maintenance and support of security controls
  • Act as internal resource and authority on Expedia Security policy & standards
  • Lead and own the development of medium to complex multi-functional compliance and audit related projects
  • Aid in defining audit scope and objectives, involving all relevant partners
  • Drive appropriate meeting cadence required to achieve and maintain for a successful internal/external third-party audit
  • Facilitate efficient communication across all levels of an audit to ensure consistency in reaching the audit's goals, and to help in the recognition of any potential opportunities, risks, or complications
  • Hold business partners accountable for timely and quality execution of objectives
  • Perform risk management to minimize audit risks: identify, track, mitigate, and resolve risks and issues
  • Present recommendations, options, opportunities, and assumptions to leadership

Who you are

  • A minimum of 6 years job related experience in compliance or technical engineering field
  • Recently worked in a regulated environment, dealing with PCI assessments
  • Demonstrated expertise managing a compliance audit and partners
  • Information Security Certification(s) with demonstrated work experience preferred. Desired certifications include: CISA, CISP, PCI
  • Knowledge related to coordinating and securing operating systems, database platforms, endpoint security and network infrastructure, which is preferred
  • Experience with methodologies related to network architecture & security controls (Routers, Firewalls, networking protocols, etc.)
  • Ability to recognize/analyze/and document deficiencies and articulate those to both technical and non-technical key management personnel
  • Experience using a risk-based audit approach in evaluations of and recommendations for management processes
  • An understanding of Information Security frameworks, processes, technologies, and practices, including NIST and ISO27xxx standards

Why join us

Expedia Group recognizes our success is dependent on the success of our people. We are the world's travel platform, made up of the most knowledgeable, passionate, and creative people in our business. Our brands recognize the power of travel to break down barriers and make people's lives better – that responsibility inspires us to be the place where exceptional people want to do their best work, and to provide them to tools to do so.

Whether you're applying to work in engineering or customer support, marketing or lodging supply, at Expedia Group we act as one team, working towards a common goal; to bring the world within reach. We relentlessly strive for better, but not at the cost of the customer. We act with humility and optimism, respecting ideas big and small. We value diversity and voices of all volumes. We are a global organization but keep our feet on the ground so we can act fast and stay simple. Our teams also have the chance to give back on a local level and make a difference through our corporate social responsibility program, Expedia Cares.

If you have a hunger to make a difference with one of the most loved consumer brands in the world and to work in the dynamic travel industry, this is the job for you.

Our family of travel brands includes: Brand Expedia®, Hotels.com®, Expedia® Partner Solutions, Egencia®, trivago®, HomeAway®, Orbitz®, Travelocity®, Wotif®, lastminute.com.au®, ebookers®, CheapTickets®, Hotwire®, Classic Vacations®, Expedia® Media Solutions, CarRentals.com™, Expedia Local Expert®, Expedia® CruiseShipCenters®, SilverRail Technologies, Inc., ALICE and Traveldoo®.

*LI-CW1

Expedia is committed to creating an inclusive work environment with a diverse workforce.   All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, or veteran status. This employer participates in E-Verify. The employer will provide the Social Security Administration (SSA) and, if necessary, the Department of Homeland Security (DHS) with information from each new employee's I-9 to confirm work authorization.
APPLY NOW

Join our
Careers
Community

Expedia Group's Career Community is a great way to learn about new opportunities and receive important job communications and updates.

Sign up!

R-49106

Job Category
Information Technology Group

Job Function
Security Compliance

Location
United States - Washington - Seattle

Job Type
Full-Time Regular

Similar Jobs

Go to top