If you need assistance during the recruiting process due to a disability, please reach out to our Recruiting Accommodations Team through the Accommodation Request form. This form is used only by individuals with disabilities who require assistance or adjustments in applying and interviewing for a job. This form is not for inquiring about a position or the status of an application.
Principal Security Engineer
Are you passionate about cloud and the technology needed to drive security? Do you love architecting & engineering critical security systems and services, including Privileged Identity Management, Intrusion Detection, Data Loss Prevention, Web Content Filtering, Firewall Compliance, Vulnerability and Security Event Management? Consider joining a team of Security professionals who are focused and dedicated! The Principal, Security Engineer on the Security Solutions Engineering team at Expedia Group is a role that showcases your security expertise and allows you to impact how security systems are conceptualized, designed and implemented at scale supporting nearly 100 billion in gross bookings yearly.
As a Principal Security Engineer, you will be driving the thought leadership in this space to build a first-class approach to enable success of the security teams. This role will drive the partnerships and security technology integration conversations with Senior Tech and Platform leadership, as well as the continual evaluation and enhancement of capabilities, controls, automation and efficacy. This role focuses on protecting the EG Brand and is an integral part of the global security team that is responsible for securing Expedia’s travel platform.
What you’ll do:
Proactively team up with peers across the organization to build an understanding of cross dependencies and shared problem-solving
Own the Security Technology Strategy as a direction, not destination
Defines and maintains Security Solutions Service capability and definitions
Align Strategy to Development and Tech Platforms for automated pipeline integration
Ensure security tooling aligns to strategy, and is appropriately delivered and maintained
Exhibit comfort working with several forms of security technologies spanning across Edge to End Point protection and everything in between
Design, streamline and automate sophisticated or non-routine security tooling to ensure they meet architecture requirements
Build and maintain key stakeholder partnerships, and ensure efficacy of security capabilities, adoption, and awareness
Provide guidance when evaluating the impacts of a security solution to ensure linkages between structure, people, process, and technology
Lead security assessments & proof of value/concepts of technology and business processes to identify and mitigate risk before the investments are built or operationalized
Who you are:
Possess a minimum of 8 years of relevant Security experience and 10 years of technical engineering experience
Visionary, Pragmatic, intrinsically motivated and adapt with the pace of work environment
Technical leader and proactive collaborator that develops, mentors, and supports colleagues and business partners
Communicate in a concise and understandable way that generates positive results . Able to simplify security and technical concepts for engineers, developers, business, and technology teams.
Familiarity and experience with senior and executive management level reporting
Possess effective project and program management skills (task identification, prioritization, and documentation)
Expertise in multiple technology and security domains, and builds capabilities that interact across business units
A problem solver with deep understanding of security systems design and architecture of large scale, distributed and stateful systems
Demonstrated knowledge and understanding of security systems and/or network design principles and thorough understanding of security principles and technical architectures
Experience securing, designing, or deploying applications and infrastructure into public cloud services
Demonstrated experience in designing & managing security tools lifecycle for capabilities (most or all ) : Container Security, Privileged Identity Management, Intrusion Detection, Data Loss Prevention, Web Content Filtering, Firewall Compliance, Vulnerability Management & Threat Intelligence
Comprehension of regulations, standards, and frameworks such as PCI-DSS, SOX, GDPR, ISO 27001/2, NIST CSF and SOC 2
#LI-AM4
At Expedia Group, we believe in bringing people together and creating an inclusive workplace where everyone belongs and can do their best work. We care about our employees’ safety and well-being, so we’re requiring new hires in the U.S. to be fully vaccinated against COVID-19 and attest to their vaccination status before their start date as a condition of employment. Expedia Group will consider requests for a reasonable accommodation as required under applicable law.
About Expedia Group
Expedia Group (NASDAQ: EXPE) powers travel for everyone, everywhere through our global platform. Driven by the core belief that travel is a force for good, we help people experience the world in new ways and build lasting connections. We provide industry-leading technology solutions to fuel partner growth and success, while facilitating memorable experiences for travelers. Expedia Group's family of brands includes: Brand Expedia®, Hotels.com®, Expedia® Partner Solutions, Vrbo®, trivago®, Orbitz®, Travelocity®, Hotwire®, Wotif®, ebookers®, CheapTickets®, Expedia Group™ Media Solutions, Expedia Local Expert®, CarRentals.com™, and Expedia Cruises™.
© 2021 Expedia, Inc. All rights reserved. Trademarks and logos are the property of their respective owners. CST: 2029030-50
Employment opportunities and job offers at Expedia Group will always come from Expedia Group’s Talent Acquisition and hiring teams. Never provide sensitive, personal information to someone unless you’re confident who the recipient is. Expedia Group does not extend job offers via email or any other messaging tools to individuals to whom we have not made prior contact. Our email domain is @expediagroup.com. The official website to find and apply for job openings at Expedia Group is lifeatexpediagroup.com/jobs.
Expedia is committed to creating an inclusive work environment with a diverse workforce. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, or veteran status. This employer participates in E-Verify. The employer will provide the Social Security Administration (SSA) and, if necessary, the Department of Homeland Security (DHS) with information from each new employee's I-9 to confirm work authorization.
