Security Engineer II (Pen Testing)

| Bellevue

Expedia

Do you love Cyber Security?

Are you someone who has a solid background in information security and seeks to join Expedia Group’s pen test team?

This is an excellent opportunity for an experienced, forward-looking red teamer (adversary attack simulation) to join enterprise security penetration testing capability at Expedia Group. This requires highly skilled and experienced penetration testing/red team specialists who can ensure Expedia Group has the ability to uncover and subsequently remediate vulnerabilities through the delivery of high vigilance and transparency.

Expedia Group is looking for you to perform pen tests on its infrastructure and applications. You will perform the full cycle of penetration testing engagements - from scoping, through threat modelling, information gathering, discovery, vulnerability assessment, active testing, pivoting and reporting.

What you’ll do

  • You'll be responsible for penetration testing and red teaming activities, researching and analyzing vulnerabilities, identifying relevant threats, corrective action recommendations, summarizing and reporting results
  • Develop and refine methodologies to conduct Red Team operations successfully and consistently covering all areas of technology
  • You will assess EG’s existing security capabilities to detect and respond to emerging threats and work with Detection team to ensure a smooth execution of testing activities (e.g. red/purple teaming, high-reaching cyber games, etc.)
  • Work with Threat Research team to develop red team scenarios in harmony with real attacks as well as business lines understanding their threats
  • You'll plan and execute complex red-team exercise by replicating, in a safe way, the strategies, techniques and procedures of threat actors, including technical coordination of activities and periodic reporting of progress to partners
  • Design and develop scripts, frameworks, tools, and the methods required for facilitating and executing complex scenarios, emulating malicious actor behavior aimed at avoiding detection
  • You will deeply document exploit chain/proof of concept scenarios and influence partners in understanding risk exposure and containment measures from vulnerabilities

Who you are

  • Bachelor’s Degree in engineering, Computer Science/Information Technology or its equivalent with enthusiasm for security researching
  • You have 6+ years of experience executing large scale penetration testing / red team testing assessments of highly critical systems
  • OSCP, OSCE, GPEN, CREST or similar certifications are a plus
  • You possess strong knowledge of security frameworks e.g. OWASP, SANS, MITRE ATT&CK Framework, Firewalls, IDS/IPS, Web Proxies and DLP among other
  • Detailed and up-to-date knowledge of wide range of security tools like Burp Suite, Nessus, Metasploit, Empire, Cobalt Strike, etc. and familiarity with common reconnaissance, exploitation, and post exploitation frameworks
  • You have the ability to develop creative tools, solutions, processes and automate tasks using a scripting language (Python, Perl, Ruby, etc.)
  • Knowledge of Linux operating systems, Source Code Analysis, Mobile Application Security, Microsoft technologies like Active Directory and others
  • You have the communication skill set to influence VPs, Directors, and other Technology Leaders to prioritize and execute remediation plans

Why join us

Expedia Group recognizes our success is dependent on the success of our people. We are the world's travel platform, made up of the most knowledgeable, passionate, and creative people in our business. Our brands recognize the power of travel to break down barriers and make people's lives better – that responsibility inspires us to be the place where exceptional people want to do their best work, and to provide them to tools to do so.

Whether you're applying to work in engineering or customer support, marketing or lodging supply, at Expedia Group we act as one team, working towards a common goal; to bring the world within reach. We relentlessly strive for better, but not at the cost of the customer. We act with humility and optimism, respecting ideas big and small. We value diversity and voices of all volumes. We are a global organization but keep our feet on the ground so we can act fast and stay simple. Our teams also have the chance to give back on a local level and make a difference through our corporate social responsibility program, Expedia Cares.

If you have a hunger to make a difference with one of the most loved consumer brands in the world and to work in the dynamic travel industry, this is the job for you.

Our family of travel brands includes: Brand Expedia®, Hotels.com®, Expedia® Partner Solutions, Egencia®, trivago®, HomeAway®, Orbitz®, Travelocity®, Wotif®, lastminute.com.au®, ebookers®, CheapTickets®, Hotwire®, Classic Vacations®, Expedia® Media Solutions, CarRentals.com™, Expedia Local Expert®, Expedia® CruiseShipCenters®, SilverRail Technologies, Inc., ALICE and Traveldoo®.

*LI-CW1

Expedia is committed to creating an inclusive work environment with a diverse workforce. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, or veteran status. This employer participates in E-Verify. The employer will provide the Social Security Administration (SSA) and, if necessary, the Department of Homeland Security (DHS) with information from each new employee's I-9 to confirm work authorization.

Read Full Job Description

Technology we use

  • Engineering
    • C#Languages
    • JavaLanguages
    • JavascriptLanguages
    • KotlinLanguages
    • PerlLanguages
    • PHPLanguages
    • PythonLanguages
    • RLanguages
    • RubyLanguages
    • ScalaLanguages
    • SqlLanguages
    • SwiftLanguages
    • AWSLanguages
    • jQueryLibraries
    • ReactLibraries
    • ReduxLibraries
    • ASP.NETFrameworks
    • CakePHPFrameworks
    • Ember.jsFrameworks
    • HadoopFrameworks
    • Node.jsFrameworks
    • Ruby on RailsFrameworks
    • SparkFrameworks
    • SpringFrameworks
    • CassandraDatabases
    • DB2Databases
    • HBaseDatabases
    • HiveDatabases
    • Microsoft SQL ServerDatabases
    • MongoDBDatabases
    • TeradataDatabases

Location

Our new Seattle campus in Interbay is on the beach with sweeping views of the Puget Sound and Cascades.

What are Expedia Group Perks + Benefits

Culture
Volunteer in local community
Day of Caring Volunteer Hours match
Team owned deliverables
Diversity
Diversity manifesto
We act with humility and optimism, respecting ideas big and small. We value diversity and voices of all volumes.
Health Insurance & Wellness Benefits
Flexible Spending Account (FSA)
Child Care & Parental Leave Benefits
Generous Parental Leave
Flexible Work Schedule
Family Medical Leave
Vacation & Time Off Benefits
Generous PTO
Paid Volunteer Time
Paid Holidays
Paid Sick Days
Perks & Discounts
Casual Dress
Commuter Benefits
Parking
Professional Development Benefits
Job Training & Conferences
Tuition Reimbursement
Diversity Program
Lunch and learns

Additional Perks + Benefits

We believe everyone deserves - NEEDS - time away from the office and we encourage employees to take advantage of their paid time off. We offer travel discounts to make it even easier to get out and see the world.

More Jobs at Expedia Group213 open jobs
All Jobs
Finance
Data + Analytics
Design + UX
Dev + Engineer
HR
Legal
Marketing
Operations
Product
Project Mgmt
Sales
Content
Content
new
Bellevue
Project Mgmt
new
Bellevue
Finance
new
Bellevue
Marketing
new
Bellevue
Operations
new
Bellevue
Data + Analytics
new
Bellevue
Developer
new
Bellevue
Developer
new
Bellevue
Operations
new
Bellevue
Developer
new
Bellevue
Sales
new
Bellevue
Developer
new
Bellevue
Developer
new
Bellevue
Data + Analytics
new
Bellevue
Developer
new
Bellevue
Data + Analytics
new
Bellevue
Finance
new
Bellevue
Marketing
new
Bellevue
Finance
new
Bellevue
Finance
new
Bellevue
Finance
new
Bellevue
Finance
new
Bellevue
Developer
new
Bellevue
Developer
new
Bellevue
Developer
new
Bellevue
Design + UX
new
Bellevue
Project Mgmt
new
Bellevue
Data + Analytics
new
Bellevue
Data + Analytics
new
Seattle
Project Mgmt
new
Bellevue
Operations
new
Bellevue
Operations
new
Bellevue
Product
new
Bellevue
Data + Analytics
new
Bellevue
Data + Analytics
new
Bellevue
Finance
new
Bellevue
Operations
new
Bellevue
Data + Analytics
new
Bellevue
Operations
new
Bellevue
Operations
new
Bellevue
Developer
new
Bellevue
Developer
new
Bellevue
Project Mgmt
new
Bellevue
Sales
new
Bellevue
Operations
new
Bellevue
Finance
new
Bellevue
Operations
new
Bellevue
Developer
new
Bellevue
Developer
new
Bellevue
Developer
new
Bellevue
Developer
new
Seattle
Developer
new
Seattle
Marketing
new
Bellevue
Developer
new
Bellevue
Data + Analytics
new
Bellevue
Data + Analytics
new
Bellevue
Developer
new
Bellevue
Finance
new
Bellevue
Developer
new
Bellevue
Design + UX
new
Bellevue
Data + Analytics
new
Bellevue
Developer
new
Bellevue
Design + UX
new
Bellevue
Developer
new
Bellevue
Operations
new
Bellevue
Developer
new
Bellevue
Data + Analytics
new
Bellevue
Developer
new
Bellevue
Product
new
Bellevue
Data + Analytics
new
Bellevue
Developer
new
Bellevue
Project Mgmt
new
Bellevue
Data + Analytics
new
Bellevue
Project Mgmt
new
Bellevue
Developer
new
Bellevue
Developer
new
Bellevue
Data + Analytics
new
Bellevue
Developer
new
Bellevue
Developer
new
Bellevue
Data + Analytics
new
Bellevue
Product
new
Bellevue
Sales
new
Bellevue
Developer
new
Bellevue
Data + Analytics
new
Bellevue
Project Mgmt
new
Bellevue
Project Mgmt
new
Bellevue
Product
new
Bellevue
Finance
new
Bellevue
Operations
new
Bellevue
Product
new
Seattle
Finance
new
Bellevue
Developer
new
Bellevue
Project Mgmt
new
Bellevue
Project Mgmt
new
Bellevue
Finance
new
Bellevue
Product
new
Bellevue
Operations
new
Bellevue
Data + Analytics
new
Bellevue
Data + Analytics
new
Bellevue
Operations
new
Bellevue
Data + Analytics
new
Bellevue
Data + Analytics
new
Bellevue
Finance
new
Bellevue
Project Mgmt
new
Bellevue
Data + Analytics
new
Bellevue
Developer
new
Bellevue
Content
new
Bellevue
Finance
new
Bellevue
Data + Analytics
new
Bellevue
Marketing
new
Bellevue
Finance
new
Bellevue
Product
new
Seattle
Project Mgmt
new
Bellevue
Marketing
new
Bellevue
Data + Analytics
new
Bellevue
Developer
new
Seattle
Data + Analytics
new
Bellevue
Data + Analytics
new
Bellevue
Data + Analytics
new
Bellevue
Data + Analytics
new
Bellevue
Content
new
Bellevue
Data + Analytics
new
Bellevue
Developer
new
Bellevue
Product
new
Bellevue
Operations
new
Bellevue
Data + Analytics
new
Bellevue
Data + Analytics
new
Bellevue
Product
new
Bellevue
Operations
new
Bellevue
Finance
new
Bellevue
Developer
new
Bellevue
Data + Analytics
new
Bellevue
Developer
new
Bellevue
Data + Analytics
new
Bellevue
Design + UX
new
Bellevue
Marketing
new
Bellevue
Finance
new
Bellevue
Data + Analytics
new
Bellevue
Product
new
Bellevue
Data + Analytics
new
Bellevue
Finance
new
Bellevue
Project Mgmt
new
Bellevue
Finance
new
Bellevue
Developer
new
Bellevue
Product
new
Bellevue
Data + Analytics
new
Bellevue
Data + Analytics
new
Bellevue
Data + Analytics
new
Bellevue
Project Mgmt
new
Bellevue
Project Mgmt
new
Bellevue
Finance
new
Bellevue
Data + Analytics
new
Bellevue
Content
new
Bellevue
Sales
new
Bellevue
Marketing
new
Bellevue
HR
new
Bellevue