Security Engineer III

If you need assistance during the recruiting process due to a disability, please reach out to our Recruiting Accommodations Team through the Accommodation Request form . This form is used only by individuals with disabilities who require assistance or adjustments in applying and interviewing for a job. This form is not for inquiring about a position or the status of an application.

Security Engineer III

Our team at Expedia Group is primarily engaged in the design, development, deployment, and maintenance of the Certificate and Secret Management Platform within our compute environment.

We partner with different EG teams to help them onboard their applications, leverage cloud technologies and principles while maintaining strong security, governance, resiliency, and reliability.

We are looking for a high-performing individual contributor who acts as a mentor to more junior engineers, applies new engineering principles to improve existing systems, and is responsible for leading complex, well-defined projects.

What you will do:

1. Analyze requirements and assist with the design of architecture for central processing.
2. Research information, data, trends, and best practices in emerging technology and share beneficial information with relevant stakeholders.
3. Investigate standard or routine issues or incidents and draft concise, balanced, evidence-based reports on findings.
4. Conduct rigorous tests and inspections of products, services, solutions, or processes to evaluate quality or performance.
5. Demonstrate knowledge of advanced and relevant technology.
6. Exhibit comfort working with several forms of technology.
7. Understand the relationship between applications, databases, and technology platforms.
8. Bring together different stakeholders with varied perspectives to develop solutions to issues and contribute own suggestions.
9. Think holistically to identify opportunities around policies/processes to increase efficiency across organizational boundaries.
10. Assist with a whole systems approach to analyzing issues by ensuring all components (structure, people, process, and technology) are identified and accounted for.
11. Perform routine responsibilities to procure, distribute, and maintain an inventory of technology assets, gaining depth of knowledge in this functional area.
12. Gather pertinent information about a problem by analyzing data and patterns and identifying underlying issues.
13. Research and recommend more detailed solutions to resolve problems.
14. Implement solutions based on advanced knowledge of standard practices and previous experiences; escalate complex or unprecedented issues as needed.
15. Perform more advanced information security engineering responsibilities, including engineering security solutions for non-routine assignments.
16. Evaluate threat intelligence findings including attacker tactics, techniques, and procedures to suggest and implement security technology solutions to proactively identify and prevent security threats.
17. May evaluate, implement, manage, and maintain a variety of information security systems and hardware including but not limited to intrusion prevention systems, packet capture systems, firewalls, security information & event management (SIEM) systems, log analysis platforms, endpoint detection and response platforms, anti-malware engines, malware sandboxes, email threat analysis systems, etc.
18. May implement custom software, scripts, policies, extensions, or APIs to support the identification and prevention of information security threats.
19. Collaborate with security operations analysts to understand and design solutions to security threats actively being observed and monitored in the environment.

Who you are:

1. 5+ years for Bachelor's or 3+ years for Master's or equivalent experience.
2. Has strength in a couple of programming languages and/or one language with multiple technology implementations.
3. Familiarity with the following technologies:
4. HashiCorp Terraform
5. Secret Management using Vault
6. Certificate Management
7. GitHub, GitHub Actions
8. AWS EC2, Fargate, MSK, EFS, S2
9. Networking concepts including firewall rules, DNS, AWS VPC, routing and peering.
10. Identifies strengths and weaknesses among programming languages for use cases.
11. Selects among technology available to implement and solve for need.
12. Can independently implement threat mitigations in technology platforms and can engineer sensitive systems to support security operations with guidance from more senior individual contributors.

The total cash range for this position in Seattle is $109,000.00 to $152,500.00. Employees in this role have the potential to increase their pay up to $174,500.00, which is the top of the range, based on ongoing, demonstrated, and sustained performance in the role.

Starting pay for this role will vary based on multiple factors, including location, available budget, and an individual’s knowledge, skills, and experience. Pay ranges may be modified in the future.

Expedia Group is proud to offer a wide range of benefits to support employees and their families, including medical/dental/vision, paid time off, and an Employee Assistance Program. To fuel each employee’s passion for travel, we offer a wellness & travel reimbursement, travel discounts, and an International Airlines Travel Agent (IATAN) membership. View our full list of benefits .

About Expedia Group

Expedia Group (NASDAQ: EXPE) powers travel for everyone, everywhere through our global platform. Driven by the core belief that travel is a force for good, we help people experience the world in new ways and build lasting connections. We provide industry-leading technology solutions to fuel partner growth and success while facilitating memorable experiences for travelers. Expedia Group's family of brands includes: Brand Expedia, Hotels.com, Expedia Partner Solutions, Vrbo, trivago, Orbitz, Travelocity, Hotwire, Wotif, ebookers, CheapTickets, Expedia Group Media Solutions, Expedia Local Expert, CarRentals.com, and Expedia Cruises.

Employment opportunities and job offers at Expedia Group will always come from Expedia Group’s Talent Acquisition and hiring teams. Never provide sensitive, personal information to someone unless you’re confident who the recipient is. Expedia Group does not extend job offers via email or any other messaging tools to individuals to whom we have not made prior contact. Our email domain is @expediagroup.com. The official website to find and apply for job openings at Expedia Group is careers.expediagroup.com/jobs .

Expedia is committed to creating an inclusive work environment with a diverse workforce. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, or veteran status. This employer participates in E-Verify. The employer will provide the Social Security Administration (SSA) and, if necessary, the Department of Homeland Security (DHS) with information from each new employee's I-9 to confirm work authorization.