Seniority: Mid levelExpedia Group brands power global travel for everyone, everywhere. We design cutting-edge tech to make travel smoother and more memorable, and we create groundbreaking solutions for our partners. Our diverse, vibrant, and welcoming community is essential in driving our success.Why Join Us?To shape the future of travel, people must come first. Guided by our Values and Leadership Agreements, we foster an open culture where everyone belongs, differences are celebrated and know that when one of us wins, we all win.We provide a full benefits package, including exciting travel perks, generous time-off, parental leave, a flexible work model (with some pretty cool offices), and career development resources, all to fuel our employees' passion for travel and ensure a rewarding career journey. We're building a more open world. Join us.Role SummaryWorking as a part of the follow the sun 24/7 operating model this role will be the first line of defense monitoring security event alerts across a numerous technologies and brands from phishing alerts: identity, cloud, EDR, network, UEBA, API, WAF, user and other team reported events.In this role, you will:Perform advanced level of security investigation on following areas: Application Security, Cloud Security, Data Security, Network Security and Perimeter Security.Gather data and drill down to root cause analysis, ability to proactively recommend effective courses of containment, remediation and communicate to the various levels in the organization.Analyze security events, vulnerabilities, and misconfigurations, and partner with engineering teams to drive timely remediation and long-term risk reduction.Responsible for the immediate escalation of Security issues ensuring adherence to SLAs and driving resolution/mitigation.Flexibility as the position will require shifts to cover 24x7 follow the sun in line with US and APAC operations.Minimum Qualifications:Bachelor's degree in Computer Science, Information Security, Engineering, or a related technical field, or equivalent practical experience.Professional experience in security engineering, security operations, or related software/infrastructure engineering roles, including hands-on work with security tooling and controls.Experience owning and operating security capabilities or services end-to-end, including monitoring, triage, and incident response within a production environment.Proficiency with core security concepts such as authentication/authorization, encryption, network security, vulnerability management, and secure configuration of cloud or on-premises systems.Familiarity with AI-driven systems, tools, or workflows and applying AI/ML concepts to real world products in a secure manner.Preferred Qualifications:Experience working in a security operations center or CSIRT function.Working with EDR solutions and forensics experienceCloud security experienceCybersecurity certifications
