Security Engineer II
Expedia Group is looking for a hardworking and highly motivated Security Engineer to join the Enterprise Risk & Security Team. You will work with one of the best security teams in the world, making sure that the data we are trusted to protect is secured to the highest standard.
Do you share our real passion for solving complicated business and security problems, while minimizing friction, maximizing productivity and impact? In this position the Network Vulnerability, Application Security and Data Loss Prevention specialist is a hands-on role that requires high degree of technical expertise. Your responsibilities will include assessing identified vulnerabilities, prioritizing and driving remediation of vulnerabilities relating to systems, applications, and infrastructure devices.
'You will be responsible for leading program maturity efforts and initiatives in Vulnerability Management and Application Security functions. This includes, but not limited to: driving improvements with vulnerability scanning automation; validation of vulnerability findings; asset/network discovery; regulatory scanning requirements; driving next generation security operations approaches/tools and producing automated dashboards to measure the effectiveness of the program.
What You’ll Do:
- Perform asset, network, and application discovery activities, helping to ensure full coverage of the Expedia and the Expedia Brand environments
- Perform system and application vulnerability testing
- Review, assess, and mitigate vulnerability assessments on information systems and infrastructure
- Collate security incident and event data to produce monthly exception and management reports
- Developing program quality metrics as both program performance indicators and enterprise risk indicators
- Integrate findings across infrastructure, web application, and static code security testing to provide a holistic security posture for assets
- Monitor security vulnerability information from vendors and third parties
Who you are:
- A minimum of 3+ years job related experience in compliance or technical engineering field
- Has worked in a regulated environment, preferably taking care of PCI, SOX, SOC 2 or other federally regulated examinations
- Shown expertise in leading a compliance project and effectively handling partners
- Strong security tooling experience including automating tasks
- Knowledge and familiarity related to administering and securing operating systems, database platforms, endpoint security and network infrastructure is preferred.
- Experience with standards related to network architecture & security controls (Routers, Firewalls, networking protocols, etc.)
- Ability to recognize, analyze, and document deficiencies and articulate those deficiencies to both technical and non-technical key management personnel.
Why join us:
Expedia Group recognizes our success is dependent on the success of our people. We are the world's travel platform, made up of the most knowledgeable, passionate, and creative people in our business. Our brands recognize the power of travel to break down barriers and make people's lives better – that responsibility inspires us to be the place where exceptional people want to do their best work, and to provide them the tools to do so.
Whether you're applying to work in engineering or customer support, marketing or lodging supply, at Expedia Group we act as one team, working towards a common goal; to bring the world within reach. We relentlessly strive for better, but not at the cost of the customer. We act with humility and optimism, respecting ideas big and small. We value diversity and voices of all volumes. We are a global organization but keep our feet on the ground, so we can act fast and stay simple. Our teams also have the chance to give back on a local level and make a difference through our corporate social responsibility program, Expedia Cares.
If you have a hunger to make a difference with one of the most loved consumer brands in the world and to work in the dynamic travel industry, this is the job for you.
Our family of travel brands includes: Brand Expedia®, Hotels.com®, Expedia® Partner Solutions, Egencia®, trivago®, HomeAway®, Orbitz®, Travelocity®, Wotif®, lastminute.com.au®, ebookers®, CheapTickets®, Hotwire®, Classic Vacations®, Expedia® Media Solutions, CarRentals.com™, Expedia Local Expert®, Expedia® CruiseShipCenters®, SilverRail Technologies, Inc., ALICE and Traveldoo®.
Expedia is committed to creating an inclusive work environment with a diverse workforce. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, or veteran status. This employer participates in E-Verify. The employer will provide the Social Security Administration (SSA) and, if necessary, the Department of Homeland Security (DHS) with information from each new employee's I-9 to confirm work authorization.