Expedia Group
Base pay range
$173,000.00/yr - $242,500.00/yr Why Join Expedia?
We design cutting‑edge technology to make travel smoother and more memorable, and we create groundbreaking solutions for our partners. Our diverse, vibrant, and welcoming community is essential to our success. We foster an open culture where everyone belongs, differences are celebrated, and we work to build a more open world. Senior Cloud Security Engineer
As part of the Security Engineering team, you will work with diverse, cutting‑edge, and large‑scale security technologies to ensure security is embedded in Expedia Group’s products and corporate infrastructure. You will be part of a collaborative, global team to help build the world’s most trusted travel platform. In This Role, You Will
Lead and conduct large‑scale proof‑of‑concept (POC) evaluations for security technology vendors Design, deploy, scale, optimize, and manage enterprise security technologies (EDR, CSPM, DSPM, container/runtime security tools, SIEM, SOAR, vulnerability management, secret and certificate management platforms) Develop automated compliance frameworks aligned with PCI, SOX, NIST CSF, CIS Benchmarks, and other industry standards Implement security standards and testing practices for web applications (OWASP Top 10, secure SDLC, SAST/DAST/IAST tools) and partner with developers to embed application security in CI/CD pipelines (GitHub Actions, Jenkins, etc.) Develop custom integrations, automation, and Infrastructure‑as‑Code (IaC) security policies across cloud‑native services, security platforms, and DevOps pipelines using Python, Go, Terraform, CloudFormation, or similar Evaluate risks of generative AI adoption and partner with AI engineering teams to embed security controls into development workflows Lead and mentor junior security engineers, and represent the security engineering team as a technical point of contact across multiple stakeholders Minimum Qualifications
Bachelor’s or Master’s Degree in Computer Science, Engineering, or related technical field; or equivalent related professional experience 8+ years in security engineering Experience with cloud security and deploying cloud infrastructure (AWS preferred) Proficiency with scripting and automation languages (Python, Go, Bash) Strong knowledge of security frameworks (NIST, CIS, MITRE ATT&CK) Preferred Qualifications
Strong expertise in web application and API security, secure SDLC, and OWASP Top 10 Proficiency with container security and orchestration platforms (Kubernetes, ECS/EKS, Docker) Experience integrating and scaling security technologies (EDR, CSPM, DSPM, SIEM/SOAR) Hands‑on experience with Terraform/CloudFormation or equivalent for secure infrastructure automation Familiarity with securing AI/ML pipelines and understanding of emerging AI threats Ability to work cross‑functionally across Architecture, Infrastructure, Security, and Engineering teams Benefits
We provide a full benefits package, including exciting travel perks, generous time‑off, parental leave, a flexible work model (with some pretty cool offices), and career development resources.
#J-18808-Ljbffr
$173,000.00/yr - $242,500.00/yr Why Join Expedia?
We design cutting‑edge technology to make travel smoother and more memorable, and we create groundbreaking solutions for our partners. Our diverse, vibrant, and welcoming community is essential to our success. We foster an open culture where everyone belongs, differences are celebrated, and we work to build a more open world. Senior Cloud Security Engineer
As part of the Security Engineering team, you will work with diverse, cutting‑edge, and large‑scale security technologies to ensure security is embedded in Expedia Group’s products and corporate infrastructure. You will be part of a collaborative, global team to help build the world’s most trusted travel platform. In This Role, You Will
Lead and conduct large‑scale proof‑of‑concept (POC) evaluations for security technology vendors Design, deploy, scale, optimize, and manage enterprise security technologies (EDR, CSPM, DSPM, container/runtime security tools, SIEM, SOAR, vulnerability management, secret and certificate management platforms) Develop automated compliance frameworks aligned with PCI, SOX, NIST CSF, CIS Benchmarks, and other industry standards Implement security standards and testing practices for web applications (OWASP Top 10, secure SDLC, SAST/DAST/IAST tools) and partner with developers to embed application security in CI/CD pipelines (GitHub Actions, Jenkins, etc.) Develop custom integrations, automation, and Infrastructure‑as‑Code (IaC) security policies across cloud‑native services, security platforms, and DevOps pipelines using Python, Go, Terraform, CloudFormation, or similar Evaluate risks of generative AI adoption and partner with AI engineering teams to embed security controls into development workflows Lead and mentor junior security engineers, and represent the security engineering team as a technical point of contact across multiple stakeholders Minimum Qualifications
Bachelor’s or Master’s Degree in Computer Science, Engineering, or related technical field; or equivalent related professional experience 8+ years in security engineering Experience with cloud security and deploying cloud infrastructure (AWS preferred) Proficiency with scripting and automation languages (Python, Go, Bash) Strong knowledge of security frameworks (NIST, CIS, MITRE ATT&CK) Preferred Qualifications
Strong expertise in web application and API security, secure SDLC, and OWASP Top 10 Proficiency with container security and orchestration platforms (Kubernetes, ECS/EKS, Docker) Experience integrating and scaling security technologies (EDR, CSPM, DSPM, SIEM/SOAR) Hands‑on experience with Terraform/CloudFormation or equivalent for secure infrastructure automation Familiarity with securing AI/ML pipelines and understanding of emerging AI threats Ability to work cross‑functionally across Architecture, Infrastructure, Security, and Engineering teams Benefits
We provide a full benefits package, including exciting travel perks, generous time‑off, parental leave, a flexible work model (with some pretty cool offices), and career development resources.
#J-18808-Ljbffr