Expedia , Inc.
Senior Security Software Engineer
Expedia Group brands power global travel for everyone, everywhere. We design cutting-edge tech to make travel smoother and more memorable, and we create groundbreaking solutions for our partners. Our diverse, vibrant, and welcoming community is essential in driving our success. Why Join Us?
To shape the future of travel, people must come first. Guided by our Values and Leadership Agreements, we foster an open culture where everyone belongs, differences are celebrated and we know that when one of us wins, we all win. We provide a full benefits package, including travel perks, generous time off, parental leave, a flexible work model, and career development resources to fuel our employees' passion for travel and ensure a rewarding career journey. Were building a more open world. Join us. Introduction to the team
Expedia Technology teams partner with our Product teams to create innovative products, services, and tools to deliver high-quality experiences for travelers, partners, and employees. A centralized technology platform powered by data and machine learning provides secure, differentiated, and personalized experiences that drive loyalty and traveler satisfaction. As part of the Security Engineering team, you will work with diverse, cutting-edge, and large-scale security technologies to ensure security is embedded in Expedia Groups products and corporate infrastructure. You would be part of a collaborative, global team to help build the worlds most trusted travel platform. In this role, you will Lead and conduct large-scale proof-of-concept (POC) evaluations for security technology vendors Design, Deploy, scale, optimize, and manage enterprise security technologies (EDR, CSPM, DSPM, container/runtime security tools, SIEM, SOAR, Vulnerability Management, Secret and Certificate Management platforms) Develop automated compliance frameworks aligned with PCI, SOX, NIST CSF, CIS Benchmarks, and other industry standards Implement security standards and testing practices for web applications (OWASP Top 10, secure SDLC, SAST/DAST/IAST tools) and partner with developers to embed application security in CI/CD pipelines (GitHub Actions, Jenkins, etc.) Develop custom integrations, automation, and Infrastructure-as-Code (IaC) security policies across cloud-native services, security platforms, and DevOps pipelines using Python, Go, Terraform, and CloudFormation Evaluate risks of generative AI adoption and partner with AI engineering teams to embed security controls into development workflows Lead and mentor junior security engineers, and represent the security engineering team as a technical point of contact across multiple stakeholders
Minimum Qualifications
Bachelors or Masters Degree in Computer Science, Engineering, or related technical field; or equivalent related professional experience 8+ years in security engineering Experience with cloud security and deploying cloud infrastructure (AWS preferred) Proficiency with scripting and automation languages (Python, Go, Bash) Strong knowledge of security frameworks (NIST, CIS, MITRE ATT&CK)
Preferred Qualifications
Strong expertise in web application and API security, secure SDLC, and OWASP Top 10 Proficiency with container security and orchestration platforms (Kubernetes, ECS/EKS, Docker) Experience integrating and scaling security technologies (EDR, CSPM, DSPM, SIEM/SOAR) Hands-on experience with Terraform/CloudFormation or equivalent for secure infrastructure automation Familiarity with securing AI/ML pipelines and understanding of emerging AI threats Ability to work cross-functionally across Architecture, Infrastructure, Security, and Engineering teams
Compensation and Benefits
The total cash range for this position in Seattle is $173,000.00 to $242,500.00. Employees in this role have the potential to increase their pay up to $277,000.00, which is the top of the range, based on ongoing, demonstrated, and sustained performance in the role. The total cash range for this position in Austin is $173,000.00 to $242,500.00. Employees in this role have the potential to increase their pay up to $277,000.00, which is the top of the range, based on ongoing, demonstrated, and sustained performance in the role. Starting pay for this role will vary based on multiple factors, including location, available budget, and an individuals knowledge, skills, and experience. Pay ranges may be modified in the future. Expedia Group is proud to offer a wide range of benefits to support employees and their families, including medical/dental/vision, paid time off, and an Employee Assistance Program. We offer wellness and travel reimbursement, travel discounts, and an International Airlines Travel Agent (IATAN) membership. View our full list of benefits. Accommodation and Equal Opportunity
Accommodation requests: If you need assistance with any part of the application or recruiting process due to a disability, or other physical or mental health conditions, please reach out to our Recruiting Accommodations Team through the Accommodation Request. We are proud to be named a Best Place to Work on Glassdoor in 2024 and to be recognized for award-winning culture by organizations like Forbes, TIME, Disability:IN, and others. Expedia Groups family of brands includes: Brand Expedia, Hotels.com, Expedia Partner Solutions, Vrbo, trivago, Orbitz, Travelocity, Hotwire, Wotif, ebookers, CheapTickets, Expedia Group Media Solutions, Expedia Local Expert, CarRentals.com, and Expedia Cruises. Employment opportunities and job offers at Expedia Group will always come from Expedia Groups Talent Acquisition and hiring teams. Never provide sensitive, personal information to someone unless youre confident who the recipient is. Our official job openings site is careers.expediagroup.com/jobs. Expedia Group is committed to creating an inclusive work environment with a diverse workforce. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, or veteran status. This employer participates in E-Verify. #J-18808-Ljbffr
Expedia Group brands power global travel for everyone, everywhere. We design cutting-edge tech to make travel smoother and more memorable, and we create groundbreaking solutions for our partners. Our diverse, vibrant, and welcoming community is essential in driving our success. Why Join Us?
To shape the future of travel, people must come first. Guided by our Values and Leadership Agreements, we foster an open culture where everyone belongs, differences are celebrated and we know that when one of us wins, we all win. We provide a full benefits package, including travel perks, generous time off, parental leave, a flexible work model, and career development resources to fuel our employees' passion for travel and ensure a rewarding career journey. Were building a more open world. Join us. Introduction to the team
Expedia Technology teams partner with our Product teams to create innovative products, services, and tools to deliver high-quality experiences for travelers, partners, and employees. A centralized technology platform powered by data and machine learning provides secure, differentiated, and personalized experiences that drive loyalty and traveler satisfaction. As part of the Security Engineering team, you will work with diverse, cutting-edge, and large-scale security technologies to ensure security is embedded in Expedia Groups products and corporate infrastructure. You would be part of a collaborative, global team to help build the worlds most trusted travel platform. In this role, you will Lead and conduct large-scale proof-of-concept (POC) evaluations for security technology vendors Design, Deploy, scale, optimize, and manage enterprise security technologies (EDR, CSPM, DSPM, container/runtime security tools, SIEM, SOAR, Vulnerability Management, Secret and Certificate Management platforms) Develop automated compliance frameworks aligned with PCI, SOX, NIST CSF, CIS Benchmarks, and other industry standards Implement security standards and testing practices for web applications (OWASP Top 10, secure SDLC, SAST/DAST/IAST tools) and partner with developers to embed application security in CI/CD pipelines (GitHub Actions, Jenkins, etc.) Develop custom integrations, automation, and Infrastructure-as-Code (IaC) security policies across cloud-native services, security platforms, and DevOps pipelines using Python, Go, Terraform, and CloudFormation Evaluate risks of generative AI adoption and partner with AI engineering teams to embed security controls into development workflows Lead and mentor junior security engineers, and represent the security engineering team as a technical point of contact across multiple stakeholders
Minimum Qualifications
Bachelors or Masters Degree in Computer Science, Engineering, or related technical field; or equivalent related professional experience 8+ years in security engineering Experience with cloud security and deploying cloud infrastructure (AWS preferred) Proficiency with scripting and automation languages (Python, Go, Bash) Strong knowledge of security frameworks (NIST, CIS, MITRE ATT&CK)
Preferred Qualifications
Strong expertise in web application and API security, secure SDLC, and OWASP Top 10 Proficiency with container security and orchestration platforms (Kubernetes, ECS/EKS, Docker) Experience integrating and scaling security technologies (EDR, CSPM, DSPM, SIEM/SOAR) Hands-on experience with Terraform/CloudFormation or equivalent for secure infrastructure automation Familiarity with securing AI/ML pipelines and understanding of emerging AI threats Ability to work cross-functionally across Architecture, Infrastructure, Security, and Engineering teams
Compensation and Benefits
The total cash range for this position in Seattle is $173,000.00 to $242,500.00. Employees in this role have the potential to increase their pay up to $277,000.00, which is the top of the range, based on ongoing, demonstrated, and sustained performance in the role. The total cash range for this position in Austin is $173,000.00 to $242,500.00. Employees in this role have the potential to increase their pay up to $277,000.00, which is the top of the range, based on ongoing, demonstrated, and sustained performance in the role. Starting pay for this role will vary based on multiple factors, including location, available budget, and an individuals knowledge, skills, and experience. Pay ranges may be modified in the future. Expedia Group is proud to offer a wide range of benefits to support employees and their families, including medical/dental/vision, paid time off, and an Employee Assistance Program. We offer wellness and travel reimbursement, travel discounts, and an International Airlines Travel Agent (IATAN) membership. View our full list of benefits. Accommodation and Equal Opportunity
Accommodation requests: If you need assistance with any part of the application or recruiting process due to a disability, or other physical or mental health conditions, please reach out to our Recruiting Accommodations Team through the Accommodation Request. We are proud to be named a Best Place to Work on Glassdoor in 2024 and to be recognized for award-winning culture by organizations like Forbes, TIME, Disability:IN, and others. Expedia Groups family of brands includes: Brand Expedia, Hotels.com, Expedia Partner Solutions, Vrbo, trivago, Orbitz, Travelocity, Hotwire, Wotif, ebookers, CheapTickets, Expedia Group Media Solutions, Expedia Local Expert, CarRentals.com, and Expedia Cruises. Employment opportunities and job offers at Expedia Group will always come from Expedia Groups Talent Acquisition and hiring teams. Never provide sensitive, personal information to someone unless youre confident who the recipient is. Our official job openings site is careers.expediagroup.com/jobs. Expedia Group is committed to creating an inclusive work environment with a diverse workforce. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, or veteran status. This employer participates in E-Verify. #J-18808-Ljbffr