Join us on our mission to power global travel
for everyone, everywhere.

View my profile

Security Engineer III

United Kingdom - London


Security Engineer III

Position Overview:

This position, in conjunction with its counterparts, will be responsible for Expedia Group Application Security, focused on AppSec Capabilities / Scope/ Implementation / Evolution, as it pertains to the operational Service and Tooling ownership within Threat and Attack Surface Management.  This includes CICD pipeline security integration, testing, detection, and prevention for *AST and SCA, as well as close partnership with Penetration Testing and Crowdsourced security.  This position will facilitate the partnerships and integration conversations with Tech and Platform leadership, as well as the continual evaluation and enhancement of coverage capabilities, controls, and efficacy.

This position focuses on protecting the EG Brand and is an integral part of the global security team that is responsible for securing Expedia’s travel platform that supports $99 billion worth of bookings a year!

What You’ll Do: 

  • Influences and maintains AppSec Service capability and definitions
  • Align Strategy to Development and Tech Platforms for automated pipeline integration
  • Ensure AppSec tooling aligns to strategy, and is appropriately delivered and maintained to enable full shift-left adoption
  • Build and maintain key internal partnerships, and ensure efficacy of AppSec capabilities, adoption, and awareness
  • Oversee AppSec Tooling / Third party service providers to ensure accountability and efficacy of delivery
  • Evaluate and analyze AppSec vulnerability and threat trends to sponsor programmatic and systemic improvements

Who You Are:

  • Visionary  -  Pragmatic  -  Intrinsically motivated - adapt with the pace of work environment
  • Proactive collaborator that develops and supports colleagues and business partners
  • Communicate in a concise and understandable way that generates positive results .  Able to simplify security and technical concepts for application developers, business and technology teams
  • Familiarity and experience with up-level reporting
  • Possess effective project and program management skills (task identification, prioritization, and documentation)
  • Expertise in multiple technology and security domains, and builds capabilities that interact across business units
  • A background in software development or application security across multiple common languages such as Java, Go, Kotlin, C#, and Python.
  • Familiarity with common offensive security testing practices.
  • Experience securing, designing, or deploying applications and infrastructure into public cloud services
  • Familiarity and Experience with most or all: PrismaCloud/Twistlock,SQL, Python, Agile, JIRA, OWASP, NIST, GitHub, *AST, SCA, Vulnerability Scanning, AWS, Azure, Google Cloud  Container, Kubernetes, Docker, Fargate
  • Possess a minimum of 3 years of relevant Security experience and 5 years of technical engineering experience
  • Understand Regulations, Standards, and Frameworks such as PCI-DSS, SOX, GDPR, ISO 27001/2, NIST CSF, and SOC 2


Relocation (Y/N): N

About Expedia Group 

Expedia Group (NASDAQ: EXPE) powers travel for everyone, everywhere through our global platform. Driven by the core belief that travel is a force for good, we help people experience the world in new ways and build lasting connections. We provide industry-leading technology solutions to fuel partner growth and success, while facilitating memorable experiences for travelers. Expedia Group's family of brands includes: Brand Expedia®,®, Expedia® Partner Solutions, Vrbo®, trivago®, Orbitz®, Travelocity®, Hotwire®, Wotif®, ebookers®, CheapTickets®, Expedia Group™ Media Solutions, Expedia Local Expert®,™, and Expedia Cruises™.  

© 2021 Expedia, Inc. All rights reserved. Trademarks and logos are the property of their respective owners. CST: 2029030-50

Expedia is committed to creating an inclusive work environment with a diverse workforce. All qualified applicants will receive consideration for employment without regard to race, religion, gender, sexual orientation, national origin, disability or age.


Job Category
Technology Group

Job Function
Technical Operations

United Kingdom - London
United States - Texas - Austin
United States - Illinois - Chicago
United States - Washington - Seattle

Job Type
Full-Time Regular

Similar Jobs

If you need assistance during the recruiting process due to a disability, please reach out to our Recruiting Accommodations Team through the Accommodation Request form. This form is used only by individuals with disabilities who require assistance or adjustments in applying and interviewing for a job. This form is not for inquiring about a position or the status of an application.

Don’t forget to follow us!

Find out more about our global family by following us on social.


Already applied? View your account

Interviewing at Expedia Group

Go to top