Are you someone who has solid background in the information security profession with a passion for protecting an organization’s computers, networks and data against computer viruses, security breaches and malicious attack? If so, we want to talk with you. As a Security Engineer you’ll be a key Player of a growing team chartered with improving and maturing the security poster of Expedia Group while protecting corporate & traveler’s data. Your work will be instrumental in, not only, improving the security of company but testing cycle times but also in ensuring that all solutions complement one another and function seamlessly.
The ideal candidate would be open to new challenges, be extremely good at multi-tasking, be innovative, creative, disciplined and an outstanding teammate. The candidate would be comfortable driving continuous process improvement and collaborating effectively across teams to take on problems and implement new solutions.
You’ll be responsible to maintain and enhance when needed the overall daily operations of the Enterprise Risk & Security team providing 24/7 security support.
Lead Security personnel in the monitoring and management of security processes and technologies that reduce or remove security related risk in support of the enterprise and in compliance with regulatory requirements.
You will lead the activities of the security and threat detection departments.
You’ll support all aspects of a security event monitoring and incident response process.
You will seek continuous improvement of security events and proactively oversees research to identify emerging threats.
You’ll serve as domain expert on Detection Operations technologies, provide recommendations on new/emerging technologies, and ensure proper operation of all security systems and process.
Ensure that Detection Operations staff are properly trained on applicable systems.
Coordinate the development, delivery, and documentation of training programs and ensure staff maintains compliance with required training.
Assist with audits and create incident reports when needed ensuring information is concise and accurate and is application to security protocols.
Interface with Business Unit and Corporate group leadership to provide an understanding of current threats targeting their environments and what security measures are currently mitigating these threats.
Responsible for security event monitoring, forensic investigations and incident response as well as identifying new detection and investigative techniques/solutions.
Oversee network traffic and security events to identify malicious activity.
Coordinate with Business Unit and Corporate teams to provide remediation recommendations and mitigate security threat findings.
Lead Cyber Security Incident Handling when necessary.
Provide audit and compliance request from internal and external entities with data as needed.
Provides support for security-related projects as assigned
Bachelor’s Degree or equivalent level job experience in Information Security
5+ years in Security Operations/Incident Response
Advance knowledge of networking, security architecture and security best practices.
Advance level data analysis experience with WAF, IDS/IPS, Full Packet Capture and Host/Network/Memory Forensics
Advance knowledge with the development of security policies, procedures, guidelines, etc.
Enterprise-level experience performing incident triage, analysis, incident response, and remediation for computer network intrusions, web application and server attacks, insider threats, and malware infections.
Extensive understanding of the life cycle of cyber threats, attacks, attack vectors and methods of exploitation.
In-depth experience reviewing and creating timelines high volumes of logs, network data, attack artifacts, security events and device logs from large corporate LAN/WAN network devices including Firewalls/Switches/Routers, Databases, Anti-Virus, Intrusion Detection Systems (IDS), Web Proxys, and Domain Name Servers (DNS)
In-depth experience developing content in enterprise SIEM (Security Information and Event Managers) platforms
Knowledge of adversary activities in cyber security with an understanding of intrusion set tactics, techniques, and procedures
About Expedia Group
Expedia Group (NASDAQ: EXPE) powers travel for everyone, everywhere through our global platform. Driven by the core belief that travel is a force for good, we help people experience the world in new ways and build lasting connections. We provide industry-leading technology solutions to fuel partner growth and success, while facilitating memorable experiences for travelers. Expedia Group's family of brands includes: Brand Expedia®, Hotels.com®, Expedia® Partner Solutions, Vrbo®, trivago®, Orbitz®, Travelocity®, Hotwire®, Wotif®, ebookers®, CheapTickets®, Expedia Group™ Media Solutions, Expedia Local Expert®, CarRentals.com™, and Expedia Cruises™.
© 2021 Expedia, Inc. All rights reserved. Trademarks and logos are the property of their respective owners. CST: 2029030-50Expedia is committed to creating an inclusive work environment with a diverse workforce. All qualified applicants will receive consideration for employment without regard to race, religion, gender, sexual orientation, national origin, disability or age.
If you need assistance during the recruiting process due to a disability, please reach out to our Recruiting Accommodations Team through the Accommodation Request form. This form is used only by individuals with disabilities who require assistance or adjustments in applying and interviewing for a job. This form is not for inquiring about a position or the status of an application.