Security Engineer III

Expedia Group brands power global travel for everyone, everywhere. We design cutting-edge tech to make travel smoother and more memorable, and we create groundbreaking solutions for our partners. Our diverse, vibrant, and welcoming community is essential in driving our success.

Why Join Us?

To shape the future of travel, people must come first. Guided by our Values and Leadership Agreements, we foster an open culture where everyone belongs, differences are celebrated and know that when one of us wins, we all win.We provide a full benefits package, including exciting travel perks, generous time-off, parental leave, a flexible work model (with some pretty cool offices), and career development resources, all to fuel our employees' passion for travel and ensure a rewarding career journey. We’re building a more open world. Join us.

Introduction to the Team

The Threat and Attack Surface Management team minimizes the impact of cybersecurity incidents. The team is comprised of Senior Security Engineers who operationalize programs and are supported by a team of Senior and Junior Security Analysts. The team is also supported by a Vulnerability Operations Team that works with compliance and drives urgent remediations. They also utilises the latest detection technologies for Host, 3rd Party, Container and Code vulnerabilities across Expedia's Hybrid environments.

In This Role, You Will

• Demonstrates functional/technical acumen. Becoming a SME in the domain
• Demonstrates the ability to understand attack surface management contemporary practices, is doing and implements/influences these practices within the team
• Demonstrates Cybersecurity knowledge: Attack Surface Management, Vulnerability Management, Threat Hunting, Risk Prioritization may start specializing into niche areas (DevSecOps, Application Security, etc);
• Demonstrates Networking skills
• Demonstrates System Administration (AWS, Azure, Google Cloud)
• Intermediate understanding of different application layers (knowledge of web vs back end vs streaming apps)
• Demonstrates Scripting (writes more complex scripts; scripts become cleaner and person is able to comment (Python, Powershell, etc))
• Utilizes advanced analytics and research to create solutions to complex and highly ambiguous tasks.
• Develops selection methods, techniques, and evaluation criteria to ensure sucess.
• Owns & leads a project or feature within one's own organization (Security Operations)
• Leads a small project/program (works with one division to roll out a new program)
• Utilizes knowledge to improve processes, tools, etc.
• Develops methods and procedures on unique work; may coordinate activities of other personnel
• Begins networking relationships with disparate stakeholders to achieve team goals.
• Supports Senior Security Engineers
• Begins to network and build relationships with people on other teams
  

Experience And Qualifications

• You have a master's degree or Ph.D. in Computer Science, Statistics, Math, Engineering, or related technical field; or equivalent related professional experience
• Bachelor's or master's degree in a related technical field; or equivalent related professional experience
• Have 4.5+ years of Cybersecurity experience; Network Engineer; System Admin; Dev Ops Engineer; Back End Developer (algorithms, complex problems)
• Understand attack surface management and influencing team practices, demonstrating cybersecurity (vulnerability management, threat hunting, specialization areas like pen testing)
• Knowledge of networking (MPLS/GRE tunnels, BGP, VPN deployment), system administration (AWS, Azure, Google Cloud), understanding of application layers (web, backend, streaming apps)
• Must know scripting (complex, clean, well-commented scripts in Python, PowerShell).
• Functional/ Technical Skills, CISSP or CISSP Associate, CISA, CISM; Solutions Architect - Associate; SysOps Admin - Assoc, CCNA, CCDA, CompTIA Network+, CompTiA Linux+ LPIC-1, CompTiA Cloud + HCNA, MCSA, OpenSTack Admin, SCA, RHCSA, RCT, CCNA, CompTIA Security+, CompTIA Server+, CCIA, CEH, CHFI GCIH, GSEC, GISP, MCSA Windows Server 2012
  

Accommodation requests

If you need assistance with any part of the application or recruiting process due to a disability, or other physical or mental health conditions, please reach out to our Recruiting Accommodations Team through the Accommodation Request.We are proud to be named as a Best Place to Work on Glassdoor in 2024 and be recognized for award-winning culture by organizations like Forbes, TIME, Disability:IN, and others.Expedia Group's family of brands includes: Brand Expedia®, Hotels.com®, Expedia® Partner Solutions, Vrbo®, trivago®, Orbitz®, Travelocity®, Hotwire®, Wotif®, ebookers®, CheapTickets®, Expedia Group™ Media Solutions, Expedia Local Expert®, CarRentals.com™, and Expedia Cruises™. © 2024 Expedia, Inc. All rights reserved. Trademarks and logos are the property of their respective owners. CST: 2029030-50Employment opportunities and job offers at Expedia Group will always come from Expedia Group’s Talent Acquisition and hiring teams. Never provide sensitive, personal information to someone unless you’re confident who the recipient is. Expedia Group does not extend job offers via email or any other messaging tools to individuals with whom we have not made prior contact. Our email domain is @expediagroup.com. The official website to find and apply for job openings at Expedia Group is careers.expediagroup.com/jobs.Expedia is committed to creating an inclusive work environment with a diverse workforce. All qualified applicants will receive consideration for employment without regard to race, religion, gender, sexual orientation, national origin, disability or age.