Security Operations Analyst III (GRC Platform Enablement)

Are you a highly motivated, experienced & curious security risk and compliance professional who can address the challenges of increasing our security posture across Expedia Group (EG)? Can you play a lead technical role in an enterprise-wide security risk and compliance program, collaborate cross functionally to provide technical support for compliance requirements and critical initiatives? Do you have the discipline to deliver results with a strong passion for ownership and driving change?

Expedia Group Security (EGS) is seeking an experienced Security Operations Analyst III to play a critical trusted advisor and technical support role ensuring Expedia Group’s Governance Risk and Compliance Platform is configured and developed in a secure and compliant manner. As a key technical support leader within the Governance, Risk & Compliance (GRC) team, this role will be responsible for further establishing our Platform Enablement function, focused on supporting security, compliance, and Risk through technical expertise across Expedia Group. This role will help by leading the configuration the GRC Platform, and collaborating within Security and across multiple governance, risk and compliance groups to ensure requirements are met.

Beyond possessing domain knowledge on security risk and compliance (preferably in a highly dynamic environment), you are organized, resourceful and able to build strong relationships and trust across the enterprise. In this role, you demonstrate your ability to support a complex and changing tool, analyze and think out-of-box to find solutions to hard technical problems, and execute towards the enterprise security north star. Your knowledge and experience with security frameworks and compliance initiatives, such as NIST CSF, ISO 27xxx, PCI, and SOC 2 will be an asset.

What you’ll do:

• Own the business configuration of Expedia Groups Governance Risk and Compliance tool

• Serve as an internal senior trusted advisor providing best practices for platform build out and maintenance

• Coordinate with tool stakeholders to ensure business needs are met within the platform

• Coordinate with other technical and development resources when appropriate

• Promote and foster collaboration and standardization across multiple Governance, risk and compliance teams to ensure consistent outcomes and a single voice to the business

• Establish credibility and maintain strong working relationships with stakeholders and partners to understand enterprise objectives, initiatives, and issues related to the management of the GRC tool

• Report and communicate status and metrics to stakeholders and partners in a consistent voice and format

Who you are:

• Bachelor's degree in Computer Science or Information Security or in related technical field; or equivalent related professional experience and cyber security certifications

• 6+ years’ experience in a dedicated information security, risk, compliance, or technical tool management field, with a working understanding and ability to support with information security risk and compliance activities

• Knowledge of enterprise cybersecurity management practices, governance, and risk/compliance assessment methodologies

• Technical security and architecture knowledge with the ability to recognize, analyze and document platform issues and articulate those to both technical and non-technical personnel

• Superb communication and relationship skills, especially the ability to understand and articulate advanced technical topics and build consensus among stakeholders and partners

• An understanding of Information Security frameworks, processes, technologies, and practices, including NIST and ISO27xxx standards

• Knowledge of regulatory and industry frameworks such as NIST, ISO, PCI, SOC2, etc.

• Information Security Certification(s) such as CISSP, CRISC, CISA, CISM or similar certifications preferred

#LI-MY2

The total cash range for this position in Chicago is $95,500 to $134,000. Employees in this role have the potential to increase their pay up to $153,000, which is the top of the range, based on ongoing, demonstrated, and sustained performance in the role.

The total cash range for this position in Austin is $104,000 to $145,500. Employees in this role have the potential to increase their pay up to $166,500, which is the top of the range, based on ongoing, demonstrated, and sustained performance in the role.

The total cash range for this position in WA Virtual is $104,000 to $145,500. Employees in this role have the potential to increase their pay up to $166,500, which is the top of the range, based on ongoing, demonstrated, and sustained performance in the role.

Starting pay for this role will vary based on multiple factors, including location, available budget, and an individual’s knowledge, skills, and experience. Pay ranges may be modified in the future.

Expedia Group is proud to offer a wide range of benefits to support employees and their families, including medical/dental/vision, paid time off, and an Employee Assistance Program. To fuel each employee’s passion for travel, we offer a wellness & travel reimbursement, travel discounts, and an International Airlines Travel Agent (IATAN) membership.View our full list of benefits.