Manager, Technical Risk & Compliance

Expedia Group brands power global travel for everyone, everywhere. We design cutting-edge tech to make travel smoother and more memorable, and we create groundbreaking solutions for our partners. Our diverse, vibrant, and welcoming community is essential in driving our success.

Why Join Us?

To shape the future of travel, people must come first. Guided by our Values and Leadership Agreements, we foster an open culture where everyone belongs, differences are celebrated and know that when one of us wins, we all win.

We provide a full benefits package, including exciting travel perks, generous time-off, parental leave, a flexible work model (with some pretty cool offices), and career development resources, all to fuel our employees' passion for travel and ensure a rewarding career journey. We’re building a more open world. Join us.

Manager, Technical Risk & Compliance

Want to have the ability to interact with a unique set of stakeholders each day? Would you like the ability to help Expedia move forward with important business objectives? Would you like to directly support business partners who are making the decisions that drive our business? Come join the Expedia Sarbanes Oxley (SOX) Compliance Team. We provide SOX risk and control advisory services to our business partners!

We are looking for a leader to help support broader strategy development as well as manage the day-to-day governance activities related to our SOX Compliance Program.  This individual will collaborate with functions such as Product, Security, Engineering, Brands, and Corporate Shared Services to drive continued progression of our SOX compliance practices as we support our broader enterprise objectives.

What You’ll Do:

• Contribute to the evolution of the SOX compliance program through improvement of all components of internal control.

• Support and advise business partners with SOX risk and control assessments.

• Support SOX control deficiency assessments and remediation efforts by working directly with control owners to assist in performance of impact analysis and control design.

• Support control environment improvements efforts by identifying opportunities for control efficiencies, process automation, and control consolidation.

• Review pertinent process and control documentation to support process owners with their responsibility for optimized control design.

• Collaborate with internal IT and business stakeholders to identify pertinent risks and develop mitigating control procedures for future state processes and system implementations.

• Serve as an advisor to management-identified SOX Champions on leading internal controls practices, testing strategies, and remediation activities.

• Communicate, develop and foster strong, collaborative relationships with stakeholders across all levels of the organization specially focused across the Global Finance Technology team.

• Assist with continued enhancement of scalable frameworks to review processes, risks, controls and compliance posture against leading practices or industry frameworks, and assess capability maturity, identify gaps in design and execution, and communicate issues and recommendations to management.

• Track and effectively communicate project and responsibility status with stakeholder teams.

• Prepare comprehensive reports on SOX compliance status for senior management.

• Lead and manage full lifecycle of medium to complex cross functional SOX IT and financial risk/ compliance projects.

• Manage, develop, and coach people to problem solve in efforts to build and maintain a high-performing team

Experience & Qualifications:

• 5+ years of progressive experience in Risk Management, Technical Compliance/Consulting, SOX Control Design/Advisory, Audit, or other risk and controls advisory functions in support of a technical environment

• Ability to engage with multi-functional groups such as Security, Product, and Technology teams to drive alignment on common initiatives/objectives

• Ability to successfully navigate between technical and non-technical audiences

• Possesses a strong bias for results and can operate with autonomy to address bottlenecks, provide escalation management, anticipate and make trade-offs, and encourage behavior to maximize business benefit

• Thrives and gains energy from navigating ambiguity arising from transformative change

• Strong analytical and critical thinking skills

• Experience with IT governance processes, with knowledge and familiarity related to administering and securing applications, operating systems, database and data streaming platforms, software development life cycle, and AWS cloud environments

• Demonstrated proficiency in risk and compliance management frameworks such as NIST, ISO, COBIT, and COSO

• Highly self-motivated and directed, with the ability to effectively prioritize and execute tasks in a high-pressure environment

• Strong written, oral communication and interpersonal skills. Ability to communicate with individuals at all levels of the organization

• Experience working both independently and in a collaborative environment

• Experience in leveraging AI for SOX compliance.

• CPA, CIA, CISA, CISM, CISSP, or similar certifications preferred

The total cash range for this position in Seattle is $110,500.00 to $155,000.00. Employees in this role have the potential to increase their pay up to $177,000.00, which is the top of the range, based on ongoing, demonstrated, and sustained performance in the role.

Starting pay for this role will vary based on multiple factors, including location, available budget, and an individual’s knowledge, skills, and experience. Pay ranges may be modified in the future.

Accommodation requests

If you need assistance with any part of the application or recruiting process due to a disability, or other physical or mental health conditions, please reach out to our Recruiting Accommodations Team through the Accommodation Request.

We are proud to be named as a Best Place to Work on Glassdoor in 2024 and be recognized for award-winning culture by organizations like Forbes, TIME, Disability:IN, and others.

Expedia Group's family of brands includes: Brand Expedia®, Hotels.com®, Expedia® Partner Solutions, Vrbo®, trivago®, Orbitz®, Travelocity®, Hotwire®, Wotif®, ebookers®, CheapTickets®, Expedia Group™ Media Solutions, Expedia Local Expert®, CarRentals.com™, and Expedia Cruises™. © 2024 Expedia, Inc. All rights reserved. Trademarks and logos are the property of their respective owners. CST: 2029030-50

Employment opportunities and job offers at Expedia Group will always come from Expedia Group’s Talent Acquisition and hiring teams. Never provide sensitive, personal information to someone unless you’re confident who the recipient is. Expedia Group does not extend job offers via email or any other messaging tools to individuals with whom we have not made prior contact. Our email domain is @expediagroup.com. The official website to find and apply for job openings at Expedia Group is careers.expediagroup.com/jobs.

Expedia is committed to creating an inclusive work environment with a diverse workforce. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, or veteran status. This employer participates in E-Verify. The employer will provide the Social Security Administration (SSA) and, if necessary, the Department of Homeland Security (DHS) with information from each new employee's I-9 to confirm work authorization.