Expedia

Cyberseurity Controls Assurance Senior Manager

Heredia, Heredia Province, Costa Rica

Not SpecifiedCompensation
Senior (5 to 8 years), Expert & Leadership (9+ years)Experience Level
Full TimeJob Type
UnknownVisa
Information Services, BiotechnologyIndustries

Requirements

Candidates must possess a Bachelor's degree in computer science, management information systems, or equivalent experience, with at least 3 years of management experience overseeing IT auditors or Information Security control assessors. A minimum of 12 years in IT Audit or Information Security control assessments, including cloud security controls, is required, along with professional certifications such as CISA, CISM, CISSP, or ISO 27001 Lead Auditor. Proficiency in standards like NIST 800-53, ISO 27001/27002, CIS Controls, and COBIT is essential, as is experience with both automated and manual methods for evaluating on-premise and cloud security controls. Familiarity with security tools like Sailpoint, Rapid7, Wiz.io, MS Defender, cloud security in AWS and Azure, automation techniques, generative AI for control assurance, RSA Archer, ServiceNow, Kanban boards, and Jira is also expected. Experience as a Big 4 consultant and a strong understanding of cybersecurity principles are desired.

Responsibilities

The Information Security Control Assurance Manager will lead a team in evaluating security controls for on-premise and cloud processes to mitigate risks and ensure regulatory compliance. This role involves directing the team in testing security controls for design, implementation, and operational effectiveness within an Agile environment. Key responsibilities include overseeing the information security control testing program, managing testers, designing repeatable testing methodologies with automation for cloud environments, and planning control tests with detailed criteria. The manager will ensure quality assurance for control testing documentation, compile management reports on risks and deficiencies, serve as the primary contact for control tests, and improve the efficiency of the control testing program through standardization. Additionally, the role includes mentoring junior team members and reporting on security posture and control effectiveness to senior management.

Skills

Information Security
Control Assurance
Risk Mitigation
Regulatory Compliance
Security Control Testing
Cloud Security
Agile Environment
Automation
Quality Assurance

Expedia

Travel booking platform for flights, hotels, rentals

About Expedia

Expedia Group operates in the travel industry, offering a wide range of services for travelers and travel-related businesses. It connects users with options for flights, hotels, car rentals, vacation packages, and activities through its various brands, including Expedia, Hotels.com, and Vrbo. Travelers can easily find and book trips that match their preferences and budgets. The company earns revenue primarily through commissions on bookings and advertising from travel service providers looking to promote their offerings. Additionally, Expedia Group supports its partners by providing access to valuable data and technology, helping them improve their operations and grow their businesses. The goal of Expedia Group is to create a seamless travel experience for users while maximizing the potential of its partners.

Bellevue, WashingtonHeadquarters
1996Year Founded
$3,277.3MTotal Funding
IPOCompany Stage
Consumer Goods, EntertainmentIndustries
10,001+Employees

Benefits

Competitive Paid Time Off
Travel Discounts
Healthcare Flexible Spending Accounts
Employee Assistance Program
Wellness & Travel Reimbursement
Workplace Accomodations
Medical, Dental, & Vision Insurance
Matching Gifts
New Parental Benefits

Risks

Riyadh Air's entry could increase competition, affecting Expedia's market share.
CFO transition may lead to strategic shifts impacting financial management and investor confidence.
Expedia's partnerships may strain resources, affecting service quality if not managed well.

Differentiation

Expedia offers a comprehensive suite of travel services under one platform.
The company leverages a diverse portfolio of brands like Hotels.com and Vrbo.
Expedia provides partners with valuable data and technology to optimize their offerings.

Upsides

Expedia can capitalize on the rise of 'workcations' with longer stay packages.
The trend of 'bleisure' travel offers opportunities for specialized leisure-business packages.
Increased demand for personalized travel experiences can enhance user engagement for Expedia.

Land your dream remote job 3x faster with AI