Join us on our mission to power global travel
for everyone, everywhere.

View my profile

Sr. IT Auditor - Cloud/Cybersecurity

United States - Washington - Seattle


We are seeking a highly-motivated/ethical, self-starting IT Senior Internal Auditor to work with our Corporate Audit Services department (CAS).

In this global role, our CAS team members are critical to helping all the Brands within Expedia, Inc. address compliance, financial, operational, strategic and technology risks in business and technology processes. The work requires proficiency in the areas of internal auditing, including risk-based operational, technology, and regulatory audits (i.e., cybersecurity, cloud infrastructure, API/platform architecture, data governance/privacy). Work is conducted according to established methodology in accordance with Institute of Internal Auditors' (IIA) standards and guidelines.

We are looking for candidates who are inquisitive, want to be intellectually-stimulated and driven to continuously improve and expand their knowledge and skill sets. You will be offered the opportunities to learn about the largest online travel company in the world, travel the world and develop your skill set and leadership qualities. Successful employees will have an opportunity to continue to grow their career in other parts of the Company locally or worldwide.

Who you'll do:

  • Execute internal audits, including development of internal audit plans, facilitation of process interviews, documentation of company processes and procedures, execution of internal controls testing, identification of issues, completion of project review procedures, and communication of internal audit results
  • Understand the cybersecurity footprint, platform architecture, cloud infrastructure, data governance and privacy compliance, general computing control structure of the Company (systems and architecture) and be able to apply that knowledge to how it supports the processes and procedures being reviewed
  • Perform advisory work for key processes or projects being implemented consisting of evaluating gaps and risk and providing guidance prior to implementation
  • Consistently deliver quality work products (e.g., documenting audit methods, evidence of procedures executed
  • Monitor progress and verify key stakeholders (e.g., process owners, CAS management, etc.) are kept informed about progress and expected outcomes
  • Participate in enterprise-wide risk assessment interviews with key stakeholders
  • Demonstrate strong project management skills and the ability to multi-task on deliverables
  • Be professional and tactful in all interactions: both verbal and written
  • Coach, train, onboard and provide guidance to less experienced members of the team
  • Stay abreast of current business and industry trends relevant to Expedia's business
  • Establish relationships with Expedia personnel at appropriate levels.

Who you are:

  • CIA, CISSP, OSCP, CCSK, CISA, CISM, CISSP, CDPSE, or IAPP certification desired (or ability to obtain a certification within 1 year)
  • Experience in or relevant exposure to operational or IT audit, governance, risk or compliance strongly preferred
  • Bachelor's degree in Computer Science, Management Information Systems, Cybersecurity or related discipline, and approximately 3 - 5 years work experience in technology audit, information security engineering, IT governance risk and compliance or related areas preferably within the technology industry
  • Strong understanding of cybersecurity processes and concepts (e.g. vulnerability management, security governance, software development, incident response, physical security, auditing and logging, micro segmentation, secure access service edges, zero trust architecture, PKI, penetration testing) as well as application controls
  • Experience in auditing, compliance, and/or risk management with cloud operations, network, infrastructure, and security preferably related to AWS
  • Experience in auditing, compliance, and/or risk management with Data Privacy regulations (GDPR, CCPA, HIPPA and others), third-party data risks, and data protection
  • Knowledge and experience with professional standards including NIST Cybersecurity Framework, COBIT, ITIL, ISO27000
  • Excellent communication skills in both written and verbal forms; previous experience in writing internal audit reports, preferred
  • Strong analytical, interpersonal and communication skills
  • Strong skills in project management

Why join us:

Expedia Group recognizes our success is dependent on the success of our people. We are the world's travel platform, made up of the most knowledgeable, passionate, and creative people in our business. Our brands recognize the power of travel to break down barriers and make people's lives better – that responsibility inspires us to be the place where exceptional people want to do their best work, and to provide them the tools to do so.  

Whether you're applying to work in engineering or customer support, marketing or lodging supply, at Expedia Group we act as one team, working towards a common goal; to bring the world within reach. We relentlessly strive for better, but not at the cost of the customer. We act with humility and optimism, respecting ideas big and small. We value diversity and voices of all volumes. We are a global organization but keep our feet on the ground, so we can act fast and stay simple. Our teams also have the chance to give back on a local level and make a difference through our corporate social responsibility program, Expedia Cares.

If you have a desire to make a difference with one of the most loved consumer brands in the world and to work in the dynamic travel industry, this is the job for you.

Our family of travel brands includes: Brand Expedia®,®, Expedia® Partner Solutions, Egencia®, trivago®, VRBO®, Orbitz®, Travelocity®, Wotif®,®, ebookers®, CheapTickets®, Hotwire®, Classic Vacations®, Expedia® Media Solutions,™, Expedia Local Expert®, Expedia® CruiseShipCenters®, SilverRail Technologies, Inc., ALICE and Traveldoo®.


About Expedia Group 

Expedia Group (NASDAQ: EXPE) powers travel for everyone, everywhere through our global platform. Driven by the core belief that travel is a force for good, we help people experience the world in new ways and build lasting connections. We provide industry-leading technology solutions to fuel partner growth and success, while facilitating memorable experiences for travelers. Expedia Group's family of brands includes: Brand Expedia®,®, Expedia® Partner Solutions, Vrbo®, Egencia®, trivago®, Orbitz®, Travelocity®, Hotwire®, Wotif®, ebookers®, CheapTickets®, Expedia Group™ Media Solutions, Expedia Local Expert®,™, and Expedia Cruises™.  

© 2021 Expedia, Inc. All rights reserved. Trademarks and logos are the property of their respective owners. CST: 2029030-50

Expedia is committed to creating an inclusive work environment with a diverse workforce.   All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, or veteran status. This employer participates in E-Verify. The employer will provide the Social Security Administration (SSA) and, if necessary, the Department of Homeland Security (DHS) with information from each new employee's I-9 to confirm work authorization.

Join our

Join us as we look for outstanding talent to help us power global travel for everyone, everywhere.

Sign up!


Job Category
Finance and Accounting Group

Job Function

United States - Washington - Seattle
United States - Texas - Austin

Job Type
Full-Time Regular

Similar Jobs

Don’t forget to follow us!

Find out more about our global family by following us on social.


Already applied? View your account

Interviewing at Expedia Group

Go to top