Security Incident Response Manager
India - Gurgaon
Applications have closed
If you need assistance during the recruiting process due to a disability, please reach out to our Recruiting Accommodations Team through the Accommodation Request form. This form is used only by individuals with disabilities who require assistance or adjustments in applying and interviewing for a job. This form is not for inquiring about a position or the status of an application.
Security Incident Response Manager
Our mission is to detect, investigate, disrupt, contain, and remediate threats in support of the company's information security strategy.
“CSIRT Incident Response provides 24/7/365 incident response to all Expedia Group properties and subsidiaries.
The team creates, maintains, and tests the effectiveness of the company's Incident Response Plan. IR conducts post-incident reviews to educate internal stakeholders on security incidents, improve monitoring and detection capabilities, and identify process improvements resulting from incidents to prevent reoccurrence.”
What you’ll do:
Serve as the incident commander for major or high-profile incidents including validating and raising incidents, coordinating response, facilitating information sharing, and conducting reporting
Be a liaison between technical response teams and the business to minimize the impact of an incident on operations
Ensure alignment to the organizational Incident Response Plan throughout the incident lifecycle
Conduct post Incident reviews and provide insights to guide improvements
Design, maintain, and improve a portfolio of security alerts, automated actions, playbooks, and workflows
Communicate incident status to relevant parties across the organization
Develop improvements to security detection capabilities
Serve as a technical focal for security operations analyst issues
Apply intelligence to improve areas of interest
Perform in-depth log analysis with an understanding of acquisition and preservation techniques
Regularly test and improve incident response plans and playbooks through the development of table top exercises
Conduct team information sharing sessions in your given areas of expertise
In partnership with other team members across geographies, maintain schedule flexibility during on call shifts to ensure 24x7x365 coverage
Who you are:
Technical Proficiencies:
Knowledge of multiple security domains, including but not limited to: application security, cloud security, data security, network security, and perimeter security
Experience with:
Common cyber defense tooling such as; IDS/IPS/HIPS, anti-malware, firewalls, proxies, etc
Enterprise infrastructure, platforms, and tooling, including; Windows, Linux, MacOS, infrastructure management and networking hardware
3rd party cloud computing platforms (AWS, Azure, Google)
Industry standard SIEM and SOAR platforms
Soft Skills:
Communication – Written and oral communication skills to communicate technical concepts to all levels of the organization
Listening - Ability to listen to feedback and apply recommendations
Teamwork – Applying the Expedia Group Guiding Principle: One team, group first
Investigative demeanor – Curious mentality, someone willing to dig into problems until they are satisfied with a result
Proactive self starter – Act as a leader proactively looking for solutions
Organization - Ability to simultaneously prioritize technical response while ensuring relevant parties are advised
Bachelors in an information security or related technical field; or equivalent related professional experience
Minimum of 6-10 years within IT security
Ability to lead security incidents at a global scale
Experience working in a SOC or a CSIRT
Certifications which demonstrate baseline proficiency in the areas of IT Security, Incident Response, or cloud concepts (CISSP, GIAC, ECIH, AWS) are a plus
About Expedia Group
Expedia Group (NASDAQ: EXPE) powers travel for everyone, everywhere through our global platform. Driven by the core belief that travel is a force for good, we help people experience the world in new ways and build lasting connections. We provide industry-leading technology solutions to fuel partner growth and success, while facilitating memorable experiences for travelers. Expedia Group's family of brands includes: Brand Expedia®, Hotels.com®, Expedia® Partner Solutions, Vrbo®, trivago®, Orbitz®, Travelocity®, Hotwire®, Wotif®, ebookers®, CheapTickets®, Expedia Group™ Media Solutions, Expedia Local Expert®, CarRentals.com™, and Expedia Cruises™.
© 2021 Expedia, Inc. All rights reserved. Trademarks and logos are the property of their respective owners. CST: 2029030-50
Employment opportunities and job offers at Expedia Group will always come from Expedia Group’s Talent Acquisition and hiring teams. Never provide sensitive, personal information to someone unless you’re confident who the recipient is. Expedia Group does not extend job offers via email or any other messaging tools to individuals to whom we have not made prior contact. Our email domain is @expediagroup.com. The official website to find and apply for job openings at Expedia Group is careers.expediagroup.com/jobs.
Expedia is committed to creating an inclusive work environment with a diverse workforce. All qualified applicants will receive consideration for employment without regard to race, religion, gender, sexual orientation, national origin, disability or age.* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Application security AWS Azure CISSP Cloud CSIRT Cyber defense Firewalls GIAC IDS Incident response IPS Linux Log analysis MacOS Malware Monitoring Network security Security strategy SIEM SOAR SOC Strategy Windows
Perks/benefits: Career development Startup environment
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.