Security Analyst I

Expedia Group brands power global travel for everyone, everywhere. We design cutting-edge tech to make travel smoother and more memorable, and we create groundbreaking solutions for our partners. Our diverse, vibrant, and welcoming community is essential in driving our success.

Why Join Us?

To shape the future of travel, people must come first. Guided by our Values and Leadership Agreements, we foster an open culture where everyone belongs, differences are celebrated and know that when one of us wins, we all win.

We provide a full benefits package, including exciting travel perks, generous time-off, parental leave, a flexible work model (with some pretty cool offices), and career development resources, all to fuel our employees' passion for travel and ensure a rewarding career journey. We’re building a more open world. Join us.

In this role, you will:

• Monitor, triage, and respond to security alerts and incidents across Expedia Group environments, escalating or containing threats in alignment with documented runbooks and playbooks.
• Analyze security event data, logs, and vulnerability findings to identify patterns, validate true positives, and recommend remediation actions that reduce risk to services and data.
• Execute defined security operations processes such as access reviews, endpoint protection checks, and vulnerability follow-up to improve the overall security posture.
• Collaborate with cross-functional technical teams to document security issues, track remediation progress, and communicate clear, concise incident summaries and status updates.
• Apply foundational knowledge of system design, APIs, and data models to understand how applications and services should behave, and to detect or investigate anomalous behavior.
• Safely integrate and operate AI/ML‑enabled solutions that improve outcomes, including familiarity with AI-driven systems, tools, or workflows and applying AI/ML concepts to real world products.

Minimum Qualifications:

• Bachelor’s degree in Computer Science, Information Security, Information Systems, or a related technical field, or equivalent practical experience.
• Experience (which may include internships, coursework, or projects) working with security concepts such as incident response, vulnerability management, or security monitoring in technical environments.
• Foundational understanding of how web applications, APIs, operating systems, and data stores are designed and secured, including basic system design (LLD), API design, and data modeling concepts.
• Hands-on exposure to security or infrastructure tools such as SIEM, endpoint protection, IDS/IPS, cloud security controls, or log analysis platforms.
• Familiarity with AI-driven systems, tools, or workflows and applying AI/ML concepts to real world products within security or technology operations.

Preferred Qualifications:

• Experience assisting with end‑to‑end incident handling activities, including detection, investigation, documentation, and support for remediation in collaboration with engineering or operations teams.
• Practical experience analyzing security logs and telemetry at scale (for example, across multiple services or environments) to distinguish normal from suspicious behavior and to prioritize true risks.
• Exposure to securing or reviewing low-level system and API designs, including understanding common authentication/authorization patterns, data flows, and basic threat modeling for services.
• Demonstrated use of data and metrics (such as incident trends, false positive rates, or vulnerability closure timelines) to inform recommendations that improve security operations or engineering practices.
• Experience using or tuning AI/ML‑enabled security tools (such as automated threat detection, anomaly detection, or AI-assisted triage) and applying AI techniques to enhance incident response quality and speed.

The total cash range for this position in Seattle is $92,500.00 to $129,500.00. Employees in this role have the potential to increase their pay up to $148,000.00, which is the top of the range, based on ongoing, demonstrated, and sustained performance in the role.

Starting pay for this role will vary based on multiple factors, including location, available budget, and an individual’s knowledge, skills, and experience. Pay ranges may be modified in the future.

Expedia Group is proud to offer a wide range of benefits to support employees and their families, including medical/dental/vision, paid time off, and an Employee Assistance Program. To fuel each employee’s passion for travel, we offer a wellness & travel reimbursement, travel discounts, and an International Airlines Travel Agent (IATAN) membership. View our full list of benefits.

Accommodation requests

If you need assistance with any part of the application or recruiting process due to a disability, or other physical or mental health conditions, please reach out to our Recruiting Accommodations Team through the Accommodation Request.

We are proud to be named as a Best Place to Work on Glassdoor in 2024 and be recognized for award-winning culture by organizations like Forbes, TIME, Disability:IN, and others.

Expedia Group's family of brands includes: Brand Expedia®, Hotels.com®, Expedia® Partner Solutions, Vrbo®, trivago®, Orbitz®, Travelocity®, Hotwire®, Wotif®, ebookers®, CheapTickets®, Expedia Group™ Media Solutions, Expedia Local Expert®, CarRentals.com™, and Expedia Cruises™. © 2024 Expedia, Inc. All rights reserved. Trademarks and logos are the property of their respective owners. CST: 2029030-50

Employment opportunities and job offers at Expedia Group will always come from Expedia Group’s Talent Acquisition and hiring teams. Never provide sensitive, personal information to someone unless you’re confident who the recipient is. Expedia Group does not extend job offers via email or any other messaging tools to individuals with whom we have not made prior contact. Our email domain is @expediagroup.com. The official website to find and apply for job openings at Expedia Group is careers.expediagroup.com/jobs.

Expedia is committed to creating an inclusive work environment with a diverse workforce. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, or veteran status. This employer participates in E-Verify. The employer will provide the Social Security Administration (SSA) and, if necessary, the Department of Homeland Security (DHS) with information from each new employee's I-9 to confirm work authorization.