Expedia, Inc.
Security Compliance Analyst III
Expedia, Inc., Seattle, Washington, us, 98127
Expedia Group brands power global travel for everyone, everywhere. We design cutting-edge tech to make travel smoother and more memorable, and we create groundbreaking solutions for our partners. Our diverse, vibrant, and welcoming community is essential in driving our success.Why Join Us?To shape the future of travel, people must come first. Guided by our Values and Leadership Agreements, we foster an open culture where everyone belongs, differences are celebrated and know that when one of us wins, we all win.We provide a full benefits package, including exciting travel perks, generous time-off, parental leave, a global hybrid work setup (with some pretty cool offices), and career development resources, all to fuel our employees' passion for travel and ensure a rewarding career journey. We’re building a more open world. Join us.Security Compliance Analyst IIIExpedia Product & Technology builds innovative products, services, and tools to deliver high-quality experiences for travelers, partners, and our employees. A singular technology platform powered by data and machine learning provides secure, differentiated, and personalized experiences for the traveler and our partners that drive loyalty and customer satisfaction.The Security Compliance Analyst III role sits on the Policy Management team in the Expedia Technology Security & Privacy (ETSP) organization. Security risk management is the systematic process of identifying, analyzing, mitigating, and reporting the threats and vulnerabilities that pose a risk to our organization's information systems and assets. Security policies and standards are the set of rules, guidelines, and procedures that facilitate the implementation and enforcement of the risk management strategy. They are crucial for ensuring that the organization's security objectives are consistent with our business goals, regulatory obligations, and best practices. Together, the ETSP Policy and Risk Management teams aim to enable our organization to balance the demand for security and privacy with the demand for innovation and performance.In this role you will:Write, edit, maintain, and support security policies and standards.Evaluate security requirements and controls for design, effectiveness, and gaps.Represent security policy to business stakeholders.Support compliance initiatives and projects as needed, such as GDPR compliance, ISO 27001 certification, PCI DSS compliance authorization, and SOC 2 audits.Collaborate with legal and compliance teams to ensure policies meet legal requirements and industry regulations.Partner with compliance teams on audits and assessments and stay informed about regulatory updates.Assist with security policy exception requests, reviews, and monitoring.Understand the business organizational structure and culture to best attain objectives and results.Experience and Qualifications:You have 5 + years’ experience in information security, risk, compliance, governance, or privacy required.You have a bachelor's degree in Computer Science or Information Security or related technical field; or equivalent related professional experience.Preferred: You have knowledge and experience with NIST CSF, ISO 27001, ISO 27018, PCI, SSAE 18, or SOC 2.Preferred: You have Cyber Security Certification.Preferred: You are experienced leading small teams in a collaborative environment.You have extensive experience in writing or managing security policies.You have excellent writing and communication skills.You have experience with technology, data security, and data privacy concepts.You have a proven ability to explain and defend positions to internal and external stakeholders.You possess a strong sense of ownership and urgency.You possess a strong foundation in Information Security principles and practices.The total cash range for this position in Austin is $109,000 to $152,500. Employees in this role have the potential to increase their pay up to $174,500 based on ongoing, demonstrated, and sustained performance in the role.The total cash range for this position in Chicago is $101,500 to $142,000. Employees in this role have the potential to increase their pay up to $162,500 based on ongoing, demonstrated, and sustained performance in the role.The total cash range for this position in Seattle is $109,000 to $152,500. Employees in this role have the potential to increase their pay up to $174,500 based on ongoing, demonstrated, and sustained performance in the role.Starting pay for this role will vary based on multiple factors, including location, available budget, and an individual’s knowledge, skills, and experience. Pay ranges may be modified in the future.Accommodation requestsIf you need assistance with any part of the application or recruiting process due to a disability, or other physical or mental health conditions, please reach out to our Recruiting Accommodations Team through the
Accommodation Request .We are proud to be named as a Best Place to Work on Glassdoor in 2024 and be recognized for award-winning culture by organizations like Forbes, TIME, Disability:IN, and others.Expedia Group's family of brands includes: Brand Expedia, Hotels.com, Expedia Partner Solutions, Vrbo, trivago, Orbitz, Travelocity, Hotwire, Wotif, ebookers, CheapTickets, Expedia Group Media Solutions, Expedia Local Expert, CarRentals.com, and Expedia Cruises.Employment opportunities and job offers at Expedia Group will always come from Expedia Group’s Talent Acquisition and hiring teams. Never provide sensitive, personal information to someone unless you’re confident who the recipient is. Expedia Group does not extend job offers via email or any other messaging tools to individuals with whom we have not made prior contact. Our email domain is @expediagroup.com. The official website to find and apply for job openings at Expedia Group is
careers.expediagroup.com/jobs .Expedia is committed to creating an inclusive work environment with a diverse workforce. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, or veteran status. This employer participates in E-Verify. The employer will provide the Social Security Administration (SSA) and, if necessary, the Department of Homeland Security (DHS) with information from each new employee's I-9 to confirm work authorization.
#J-18808-Ljbffr
Accommodation Request .We are proud to be named as a Best Place to Work on Glassdoor in 2024 and be recognized for award-winning culture by organizations like Forbes, TIME, Disability:IN, and others.Expedia Group's family of brands includes: Brand Expedia, Hotels.com, Expedia Partner Solutions, Vrbo, trivago, Orbitz, Travelocity, Hotwire, Wotif, ebookers, CheapTickets, Expedia Group Media Solutions, Expedia Local Expert, CarRentals.com, and Expedia Cruises.Employment opportunities and job offers at Expedia Group will always come from Expedia Group’s Talent Acquisition and hiring teams. Never provide sensitive, personal information to someone unless you’re confident who the recipient is. Expedia Group does not extend job offers via email or any other messaging tools to individuals with whom we have not made prior contact. Our email domain is @expediagroup.com. The official website to find and apply for job openings at Expedia Group is
careers.expediagroup.com/jobs .Expedia is committed to creating an inclusive work environment with a diverse workforce. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, or veteran status. This employer participates in E-Verify. The employer will provide the Social Security Administration (SSA) and, if necessary, the Department of Homeland Security (DHS) with information from each new employee's I-9 to confirm work authorization.
#J-18808-Ljbffr