• Security Compliance Manager Jobs in United States Of America

  • EXPEDIA
  • United States Of America, Usa
  • Save Job
  • 7 - 10 Years
  • Posted : above 1 month

Job Description:

Are you a highly motivated, technically experienced and curious risk management and compliance professional who can address the challenges of increasing our security posture across Expedia Group (EG) Can you lead the discussion and collaborate cross functionally to identify & quantify pervasive security risks to the environment & and then present those insights to decision makers Do you have the discipline to deliver results with a strong passion for ownership and driving change

Expedias Enterprise Risk & Security (ERS) organization is seeking an experienced Risk & Compliance Manager to develop, expand and drive the structure, processes and interactions needed for a successful security risk program You will be a critical part of the Governance, Risk & Compliance (GRC) team, focused on influencing security and compliance across Expedia by owning the security risk register and program, providing leadership level visibility into our current risk posture (including 3rd-party risks), and to ensure mitigations/remediations are identified and prioritized to lower risks to an acceptable level

Beyond possessing domain knowledge on security risk and compliance (preferably in a highly dynamic environment), you must be organized, resourceful and possess the ability to build strong relationships and trust across the enterprise In this individual contributor role, you will demonstrate your ability to analyze hard problems, think out-of-box, and execute against the enterprise security strategy In addition to your knowledge of security risk and compliance, experience with security frameworks and compliance initiatives such as NIST, ISO, PCI, GDPR, or SOC2 will be an asset

What youll do

Lead the enterprise cybersecurity risk management program and contribute to the definition and implementation of the risk management strategy
Establish and implement consistent terminology, reporting requirements/metrics and automation to ensure consistent analysis of risks
Own the central EG security risk registry
Work closely with the business and technology counterparts to understand enterprise objectives, initiatives and cybersecurity risks and suggested mitigations
Coordinate with teams to validate security gaps & score/quantify the underlying cyber risk to EG, evaluate known issues, and partner to identify/validate root causes and solutions
Work directly with security product and architects to ensure remediation or mitigation strategies are established and prioritized
Communicate risk posture to leadership and division partners in a consistent voice and format

Who you are

Over 7 years experience in a dedicated information security, compliance, IT audit, or technical risk management field
3 years leading information security governance and risk activities, preferably in a highly dynamic environment
Extensive knowledge of enterprise cybersecurity management practices, governance, and risk assessment methodologies Demonstrated expertise in understanding mitigating controls at the process, system, network, application and data levels
Experience in technical and business risk analysis and making technical trade-offs between short versus long-term security and business goals
Experience translating complex and ambiguous problems into understandable components and actionable plans Superb communication, presentation and relationship skills, especially the ability to understand and articulate advanced technical topics and build consensus among business and technology partners
Knowledge of regulatory and industry frameworks such as NIST, ISO 27000 series, PCI-DSS, SOC2, etc
Information Security Certification(s) such as CISSP, CRISC, CISA, CISM or other comparable security controls or audit certifications preferred

Why join us

Expedia Group recognizes our success is dependent on the success of our people We are the worlds travel platform, made up of the most knowledgeable, passionate, and creative people in our business Our brands recognize the power of travel to break down barriers and make peoples lives better that responsibility inspires us to be the place where exceptional people want to do their best work, and to provide them the tools to do so

Whether youre applying to work in engineering or customer support, marketing or lodging supply, at Expedia Group we act as one team, working towards a common goal; to bring the world within reach We relentlessly strive for better, but not at the cost of the customer We act with humility and optimism, respecting ideas big and small We value diversity and voices of all volumes We are a global organization but keep our feet on the ground, so we can act fast and stay simple Our teams also have the chance to give back on a local level and make a difference through our corporate social responsibility program, Expedia Cares

If you have a hunger to make a difference with one of the most loved consumer brands in the world and to work in the dynamic travel industry, this is the job for you

Our family of travel brands includes Brand Expedia, Hotelscom, Expedia Partner Solutions, Egencia, trivago, HomeAway, Orbitz, Travelocity, Wotif, lastminutecomau, ebookers, CheapTickets, Hotwire, Classic Vacations, Expedia Media Solutions, CarRentalscom, Expedia Local Expert, Expedia CruiseShipCenters, SilverRail Technologies, Inc, ALICE and Traveldoo

*LI-PP1

Expedia is committed to creating an inclusive work environment with a diverse workforce All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, or veteran status This employer participates in E-Verify The employer will provide the Social Security Administration (SSA) and, if necessary, the Department of Homeland Security (DHS) with information from each new employees I-9 to confirm work authorization

Full time

R-46053

Profile Summary:

Employment Type : Full Time
Eligibility : Any Graduate
Industry : Internet/Dot com/ISP
Functional Area : IT Software : Software Products & Services
Role : System Security
Salary : As per Industry Standards
Deadline : 25th Jan 2020

Key Skills:

Company Profile:

Company
EXPEDIAarfix

Salary trends based on over 1 crore profiles

View Salaries

All rights reserved © 2018 Wisdom IT Services India Pvt. Ltd DMCA.com Protection Status