Senior Security Engineer - Gurugram, India - Expedia Group

    Expedia Group
    Expedia Group Gurugram, India

    3 weeks ago

    Default job background
    Full time
    Description

    Senior Security Engineer

    Are you passionate about cloud and the technology needed to drive security? Do you love engineering of critical security systems and services; including Endpoint Protection, Privileged Identity Management, Intrusion Detection/Prevention, Data Leak Prevention, Web Content Filtering, Firewall Compliance, Vulnerability and Security Event Management?

    Expedia Group's Security Engineering team is searching for a top-notch Senior Security Engineer who will deliver on key initiatives, starting from the idea phase all the way through requirements definition, analysis, technical specifications, engineering and deployment. This is a highly visible role that requires an understanding of our large, complex technical environment and has the ability to design/engineer simple, elegant technical security solutions.

    Our team's mission is to vision, design, deploy, maintain, and automate robust security solutions to reduce security risk for EG and this role will help the team achieve that while mentoring teams and junior engineers in the team.

    What you will do:

    · Design, Build, Test, and Deploy innovative security solutions

    · Proactively maintain, monitor and improve our systems and security posture with a focus on service excellence

    · Lead solutions development and complex technical deployments across cross-functional teams

    · Write and contribute to project plans, author engineering level documentation, and develop detailed test plans

    · Collaborate with business and technical teams to solve complex problems

    · Influence the engineering practices within and beyond the immediate team

    Who you are:

    · Overall 8+ years of experience in security engineering.Mature understanding of Security Engineering concepts and lifecycle

    · Strong collaborator with stakeholder teams, delivering proof-of-concept (POC) evaluations to meet business requirements

    · Experience building and deploying enterprise-wide security solutions from the ground up

    · Experience with building Software, Scripts, and Automation in CI/CD pipeline

    · Experience with continuous threat intel, IOC, and TTP detection and tuning improvements

    · Experience with system administration (Windows, macOS, Linux) for developing security policies and configuring automated deployments

    · Hands-on experience with AWS Cloud services like EC2, VPC, S3, IAM, CloudFormation and Lambda; relevant experience with AWS cloud security is highly preferred.

    · Strong knowledge of endpoint/network/application design principles and thorough understanding of security architectures; experience with threat modeling

    · Deep understanding and experience with application security for large-scale, production e-commerce websites and mobile apps

    · Ability to correlate and analyze log information, packet captures, security alerts, and artifacts

    · Ability to thrive in a dynamic, collaborative and fast-paced environment.

    ·Strong interpersonal, organizational, and problem-solving skills

    · Experience and Qualifications: 8+ years of experience as a security engineer supporting critical services for large organizations

    · Minimum 4 years of applied computer programming and/or scripting language experience (Python, Golang, Java, etc.)