If you need assistance during the recruiting process due to a disability, please reach out to our Recruiting Accommodations Team through the Accommodation Request form. This form is used only by individuals with disabilities who require assistance or adjustments in applying and interviewing for a job. This form is not for inquiring about a position or the status of an application.

Security Engineer III

Are you passionate about cloud and the technology needed to drive security? Do you love engineering of critical security systems and services; including Endpoint Protection, Privileged Identity Management, Intrusion Detection/Prevention, Data Leak Prevention, Web Content Filtering, Firewall Compliance, Vulnerability and Security Event Management? 

Expedia Group’s Security Engineering team is searching for a top-notch Security Engineer III who will deliver on key initiatives, starting from the idea phase all the way through requirements definition, analysis, technical specifications, engineering and deployment. This is a highly visible role that requires an understanding of our large, complex technical environment and has the ability to design/engineer simple, elegant technical security solutions.

Our team's mission is to vision, design, deploy, maintain, and automate robust security solutions to reduce security risk for EG and this role will help the team achieve that while mentoring teams and junior engineers in the team.

What you will do:

• Design and Deployment of innovative security solutions to secure Expedia Group products

• Proactively maintain, monitor and improve our systems and security posture with a focus on service excellence

• Leading solutions development and complex technical deployments across cross-functional teams

• Write and contribute to project plans, author engineering level documentation, and develop detailed test plans.

• Collaborate with business and technical teams to solve complex problems

• Influence the engineering practices within and beyond the direct team

Who you are:

• Understanding of Security Engineering fundamentals and tooling lifecycle (from Proof of Concept, Design and Deployment, to Retirement)

• Deep understanding of security tools (WAF, Bot Management, CSPM, DSPM, SAST/DAST, API + Runtime Security) to protect Cloud, Container, and hybrid infrastructure for large-scale, public-facing applications

• Ability to write complex, advanced web application detections and champion detection engineering practices (i.e., research, tooling & tuning, continuous improvement)

• Experience with writing software, scripts, and automation projects. Minimum 2 years of applied computer programming and/or scripting language experience (Java, Python, Perl, Ruby, C++ etc.)

• Hands-on experience with AWS Cloud services like EC2, VPC, S3, IAM, CloudFormation and Lambda; relevant experience with AWS cloud security is highly-preferred.

• Knowledge and understanding of systems and/or network design principles and thorough understanding of security principles and technical architectures

• Eager to solve complex technical problems; correlate and analyze log information, packet captures, security alerts, and artifacts

• Experience and Qualification: 5+ years of experience in security engineering and operations support services of a mission critical environment.

About Expedia Group 

Expedia Group (NASDAQ: EXPE) powers travel for everyone, everywhere through our global platform. Driven by the core belief that travel is a force for good, we help people experience the world in new ways and build lasting connections. We provide industry-leading technology solutions to fuel partner growth and success, while facilitating memorable experiences for travelers. Expedia Group's family of brands includes: Brand Expedia®, Hotels.com®, Expedia® Partner Solutions, Vrbo®, trivago®, Orbitz®, Travelocity®, Hotwire®, Wotif®, ebookers®, CheapTickets®, Expedia Group™ Media Solutions, Expedia Local Expert®, CarRentals.com™, and Expedia Cruises™.  

© 2021 Expedia, Inc. All rights reserved. Trademarks and logos are the property of their respective owners. CST: 2029030-50

Employment opportunities and job offers at Expedia Group will always come from Expedia Group’s Talent Acquisition and hiring teams. Never provide sensitive, personal information to someone unless you’re confident who the recipient is. Expedia Group does not extend job offers via email or any other messaging tools to individuals to whom we have not made prior contact. Our email domain is @expediagroup.com. The official website to find and apply for job openings at Expedia Group is careers.expediagroup.com/jobs.

Expedia is committed to creating an inclusive work environment with a diverse workforce. All qualified applicants will receive consideration for employment without regard to race, religion, gender, sexual orientation, national origin, disability or age.