Senior Enterprise Security Architect

Expedia Group

Location: Austin, Texas, Seattle, Washington

Job Type: Full time

Posted


If you need assistance during the recruiting process due to a disability, please reach out to our Recruiting Accommodations Team through the Accommodation Request form. This form is used only by individuals with disabilities who require assistance or adjustments in applying and interviewing for a job. This form is not for inquiring about a position or the status of an application.

Senior Enterprise Security Architect

At Expedia Group, Enterprise Security Architecture plays an integral role in defining and assessing our company's security strategy, architecture, and practices. Our team works to effectively translate our business objectives and risk management strategies into specific security processes enabled by security technologies and services. We establish patterns for security which are incorporated in our commerce platforms and enterprise technology to ensure everything Expedia Group does is trusted. We assist our business partners with understanding security and why it is so important for everyone to be involved.

As a Senior Enterprise Security Architect, you will be a key strategic partner in helping our business assess and mitigate risk in their technology investments and business processes. You will use common practices such as threat modeling and your experience in application security to objectively identify real risk and provide requirements and recommendations to our partners to ensure their investments are Secure by Design. Drawing on your wealth of knowledge and industry expertise, you will create common patterns for securing applications which will be adopted by all of Expedia Group. As a team - We look to each other for mentorship and push one another to simplify. We trust one another and we choose fearlessly. We are inclusive and through that, we go get what’s next. Above all else – we have fun!

What you’ll do:

  • Track developments and changes in digital business and cyber security domains ensuring that new developments are adequately addressed in security strategy and applied in assessments

  • Lead security assessments of technology and business processes to identify and mitigate risk before the investments are built or operationalized

  • Provide guidance when evaluating the impacts of a solution to ensure linkages between structure, people, process, and technology

  • Consult on security in design across all of Expedia Group

  • Responsible for consulting on architecture designs to be implemented in alignment with North Star vision

  • Coordinate with DevOps teams to advocate secure coding and infrastructure practices

  • Support and advise EG technologists and business partners via communities of practice or related forums

  • Develop and maintain architecture standards and patterns to be incorporated in Expedia Group processes and technologies

Who you are:

  • Bachelor's or Master's degree in a related technical field; or equivalent related professional experience

  • Industry recognized Security Certification, is a plus

  • 6 - 8 years of relevant experience

  • Demonstrates expert skills for multiple domains and builds systems that interact across a business unit

  • Worked in at least 2 multi-quarter projects

  • Worked in decentralized teams and projects

  • Able to justify architecture or technology choices to both technical and non-technical observers

  • Understands that technology or automation doesn't solve every problem

  • Direct, hands-on experience or solid understanding of application security and secure coding practices

  • Demonstrated experience designing and delivering software solutions using common programming languages such as Java, Go or C#

  • Verifiable experience reviewing application code for security vulnerabilities and understanding of vulnerability management tools

  • Expertise in methodologies to conduct threat-modeling exercises on new applications and services

  • Understanding and demonstrated application of offensive security testing practices

  • Comprehension of regulations, standards, and frameworks such as PCI-DSS, SOX, GDPR, ISO 27001/2, NIST CSF and SOC 2

The total cash range for this position in Seattle is $161,500 to $226,000. Employees in this role have the potential to increase their pay up to $258,500, which is the top of the range, based on ongoing, demonstrated, and sustained performance in the role.

The total cash range for this position in Austin is $161,500.00 to $226,000.00. Employees in this role have the potential to increase their pay up to $258,500.00, which is the top of the range, based on ongoing, demonstrated, and sustained performance in the role.

Starting pay for this role will vary based on multiple factors, including location, available budget, and an individual’s knowledge, skills, and experience. Pay ranges may be modified in the future.

Expedia Group is proud to offer a wide range of benefits to support employees and their families, including medical/dental/vision, paid time off, and an Employee Assistance Program. To fuel each employee’s passion for travel, we offer a wellness & travel reimbursement, travel discounts, and an International Airlines Travel Agent (IATAN) membership.View our full list of benefits.

About Expedia Group

Expedia Group (NASDAQ: EXPE) powers travel for everyone, everywhere through our global platform. Driven by the core belief that travel is a force for good, we help people experience the world in new ways and build lasting connections. We provide industry-leading technology solutions to fuel partner growth and success, while facilitating memorable experiences for travelers. Expedia Group's family of brands includes: Brand Expedia®, Hotels.com®, Expedia® Partner Solutions, Vrbo®, trivago®, Orbitz®, Travelocity®, Hotwire®, Wotif®, ebookers®, CheapTickets®, Expedia Group™ Media Solutions, Expedia Local Expert®, CarRentals.com™, and Expedia Cruises™.

© 2021 Expedia, Inc. All rights reserved. Trademarks and logos are the property of their respective owners. CST: 2029030-50

Employment opportunities and job offers at Expedia Group will always come from Expedia Group’s Talent Acquisition and hiring teams. Never provide sensitive, personal information to someone unless you’re confident who the recipient is. Expedia Group does not extend job offers via email or any other messaging tools to individuals to whom we have not made prior contact. Our email domain is @expediagroup.com. The official website to find and apply for job openings at Expedia Group is careers.expediagroup.com/jobs.

Expedia is committed to creating an inclusive work environment with a diverse workforce. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, or veteran status. This employer participates in E-Verify. The employer will provide the Social Security Administration (SSA) and, if necessary, the Department of Homeland Security (DHS) with information from each new employee's I-9 to confirm work authorization.
You’ve got this!