Sign up to access all features of our service.
  • Job search
  • Favorites
  • Create a CV
    New
  • Salaries
  • Subscriptions

Director CyberSecurity

$249k

Expedia Group

At Expedia Group, we help travelers explore the world, one journey at a time. As a global travel company powered by passionate people, trusted partnerships, and leading technology, we connect travelers, partners, and advertisers through our consumer brands, B2B network, and travel advertising business.

Here, you'll do meaningful work that helps millions of people discover, book, and experience travel with more ease, confidence, and joy. Our five Behaviors-Traveler First, Think Big, Operate with Excellence, Ownership Mindset, and Succeed Together-help foster a supportive environment where people can grow their careers and have the flexibility, benefits, and support to do their best work. Join us and build for travelers everywhere.

Director, Security Engineering

Our Technology Team partners with teams across Expedia Group to create innovative products, services, and tools to deliver high-quality experiences for travelers, partners, and our employees. A singular technology platform powered by data and machine learning provides secure, differentiated, and personalized experiences that drive loyalty and traveler satisfaction.

Expedia Group's Product Security organization is building the security infrastructure, platforms, and services that power secure software delivery across one of the world's largest travel technology platforms. We are looking for a Director, Security Engineering who ships — someone who turns architectural thinking into running systems, operating controls, and measurable outcomes at enterprise scale.

This is fundamentally a hands-on, execution-oriented role. You will design and build security platforms, embed controls into high-velocity engineering workflows, operationalize cloud and data security programs, and serve as the technical anchor for complex, cross-cutting security initiatives. You will work closely with engineering teams, platform architects, and technology leads — influencing craft, output, and trust rather than org chart position.

If you are energized by building things that work at scale, by making security invisible to engineers who do the right thing, and by leaving systems measurably more secure than you found them — this role was written for you.

WHO THRIVES IN THIS ROLE

You are a builder. You measure your impact in systems shipped, controls operationalized, and engineering teams unblocked — not in decks presented or frameworks authored. You are most comfortable when you are deep in the work: designing a zero-trust architecture in the morning, reviewing a CI/CD pipeline security integration in the afternoon, collaborating vertically and horizontally with product security and CTO stakeholders to drive our success while understanding competing priorities. you're are Passionate and curious about AI system the next day. You understand that security at scale is a product problem — and you design accordingly, obsessing over adoption, ergonomics, and measurable outcomes. You influence through craft, consistency, and trust, and you thrive in environments where competing priorities are real, and judgment matters more than process.

In this role, you will:

Security Platform & Infrastructure Delivery

  • Design, build, and operationalize reusable security platforms, shared services, and reference architectures that engineering teams consume at scale — prioritizing developer ergonomics and adoption velocity.

  • Deliver security guardrails for infrastructure-as-code, containerized microservices, and service mesh architectures — implemented as enforceable, automated policy-as-code controls, not documentation.

  • Build and maintain secrets management, certificate lifecycle, and workload identity frameworks for cloud-native infrastructure across multi-cloud environments.

  • Own the technical implementation of security tooling integrations — Security Fabric to be include SAST, DAST, SCA, ASPM, CSPM, DSPM — ensuring signal quality, pipeline integration, and engineering team usability.

  • Proven ability to develop and operationalize security policies, standards, and compliance frameworks (e.g., PCI-DSS, SOC 2, ISO 27001, GDPR)

AI & Agentic System Security — Hands-On Implementation

  • Demonstrated experience applying AI and machine learning techniques within cybersecurity contexts, including threat detection, anomaly detection, or automated vulnerability management

  • Implement security architecture for LLM-based applications, RAG pipelines, and agentic AI systems — applying controls for prompt injection, model abuse, data exfiltration, and agent trust boundaries in production environments.

  • Evaluate and operationalize AI-powered security tooling — automated threat detection, vulnerability triage, AI-driven response — from proof of concept through production operation.

  • Embed security early in Expedia Group's AI development lifecycle, influencing model selection, fine-tuning practices, and deployment architecture through direct partnership with AI platform teams.

Service Mesh & Zero-Trust Infrastructure

  • Implement and operate service mesh security at scale — mTLS enforcement, traffic policy, workload identity, and zero-trust network segmentation across distributed microservices environments (Istio, Envoy, or equivalent).

  • Architect and build identity-centric, zero-trust security models for distributed systems with complex east-west traffic patterns and hundreds of services.

  • Drive practical implementation of zero-trust principles across infrastructure — not as a framework exercise, but as running, enforced controls.

AWS Cloud Security Operations at Scale

  • Architect and operate AWS-native security controls at enterprise scale: IAM and SCPs, GuardDuty, Security Hub, Inspector, Macie, Control Tower, Secrets Manager, KMS — configured, tuned, and continuously improved, not just deployed.

  • Cloud Security Posture Management (CSPM) and Data Security Posture Management (DSPM) programs operationally — driving down finding age, improving coverage, and closing posture gaps at velocity.

  • Instrument and maintain security observability across cloud environments: detection coverage, alerting pipelines, and automated response playbooks that operate reliably at scale.

  • Enable high-velocity release pipelines by embedding security controls natively into CI/CD without blocking engineering throughput — shifting left without shifting blame.

SDLC Security Architecture — Built Into Engineering Workflows

  • Implement SDLC security architecture end-to-end — from threat modeling at design time through runtime protection — embedded in the tools, pipelines, and workflows engineers already use.

  • Deliver reusable security frameworks, libraries, and platform services that let product engineers ship secure code without becoming security experts.

  • Build and maintain security standards for web application, API, mobile, and cloud-native services — grounded in OWASP, NIST, and validated against Expedia Group's actual engineering stack.

  • Collaborate directly with engineering teams to balance security requirements against delivery priorities — understanding the pressures, designing controls that fit naturally, and earning credibility through practical judgment.

Delivering Delight — Cyber Experience That Engineers Actually Want

  • Design security interactions, tooling surfaces, and developer workflows that engineers find intuitive, fast, and useful — minimizing friction while maximizing adoption of secure patterns.

  • Produce clear, actionable security guidance, architectural blueprints, and technical documentation calibrated to the engineering audience — not compliance artifacts.

  • Navigate competing priorities with engineering teams by understanding delivery context, making risk tradeoffs explicit and transparent, and building durable trust through consistent, practical judgment.

  • Contribute to reshaping Product Security and cybersecurity strategy — informing roadmap direction through execution experience, not just top-down design.

Minimum Qualifications:

  • 15+ years of progressive, hands-on cybersecurity experience — with demonstrated depth in building and operating security systems at enterprise scale, not just designing them.

  • Deep, practitioner-level AWS expertise: IAM, VPC, GuardDuty, Security Hub, Macie, Inspector, Control Tower, Secrets Manager, KMS — operated at scale in high-velocity release environments with measurable outcomes.

  • Proven track record delivering SDLC security architecture across large engineering organizations — including CI/CD integration, developer tooling, SAST/DAST/SCA deployment, and runtime security in production.

  • Hands-on implementation experience with service mesh architectures — mTLS, workload identity, traffic policy, zero-trust network enforcement — using Istio, Envoy, Linkerd, or equivalent in production.

  • Demonstrated proficiency in AI security — implementing controls for LLM applications, RAG systems, and agentic AI pipelines in enterprise production environments, not just evaluating them.

  • Operational experience running CSPM and DSPM programs at scale — owning finding triage, remediation velocity, and posture improvement metrics.

  • Proven ability to collaborate with and influence engineering teams without formal authority — translating security requirements into engineering-compatible designs and building trust through delivery.

  • Ability to contribute to security strategy — translating execution experience and technical depth into roadmap input, architectural direction, and stakeholder communication.

  • Exceptional technical communication skills — producing authoritative architectural documentation, security guidance, and clear executive-level summaries when needed.

  • Bachelor's degree in Computer Science, Information Security, or related technical field — or equivalent professional experience.

Preferred Qualifications:

  • Experience in a large-scale, multi-cloud e-commerce or travel technology environment with global operations and high release frequency.

  • Hands-on experience building, deploying, or securing agentic AI systems and LLM-based applications in enterprise production — including red-teaming and abuse scenario validation.

  • Experience building security-as-a-platform services consumed by large engineering organizations — including self-service security tooling, paved-road security libraries, or security SDK development.

  • Prior people leadership or tech lead experience — not required, but relevant for candidates interested in optional team leadership scope.

  • Relevant certifications: CISSP, CCSP, CSSLP, AWS Security Specialty, or GCP Security Engineer.

  • Applied experience with PCI-DSS, SOC 2, GDPR, and ISO 27001 as a practitioner for building compliant systems — not as a policy author.

Senior Individual Contributor | Director-Level Scope

Note: This role is open to exceptional senior ICs and to candidates with people leadership experience who prefer to remain primarily hands-on. People management responsibilities may be available for the right candidate but are not required.

The total cash range for this position in San Jose is $249,000.00 to $348,500.00. Employees in this role have the potential to increase their pay up to $398,500.00, which is the top of the range, based on ongoing, demonstrated, and sustained performance in the role.

Starting pay for this role will vary based on multiple factors, including location, available budget, and an individual’s knowledge, skills, and experience. Pay ranges may be modified in the future.

Benefits and perks

Expedia Group offers benefits and perks designed to support employees and their families, including medical, dental, and vision coverage, paid time off, an Employee Assistance Program, wellness and travel reimbursement, travel discounts, and International Airlines Travel Agent Network (IATAN) membership. Learn more about life at Expedia Group at .

Accommodation requests

Expedia Group is committed to providing an inclusive and accessible recruiting experience. If you need an accommodation or adjustment due to a disability during the application or recruiting process, please submit a request at .

About Expedia Group

Expedia Group includes three flagship consumer brands - Expedia, Hotels.com, and Vrbo - along with a leading B2B travel business and travel advertising offerings. Across our brands and business, we help travelers explore the world with confidence and ease.

Important notice

Employment opportunities and job offers at Expedia Group will always come from Expedia Group's Talent Acquisition and hiring teams. Never share sensitive personal information unless you are confident of the recipient. Expedia Group does not extend job offers via email or messaging tools to individuals with whom we have not made prior contact. Our email domain is @expediagroup.com. The official place to find and apply for roles is .

Equal Opportunity

Expedia is committed to creating an inclusive work environment with a diverse workforce. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, veteran status, or any other characteristic protected by law. This employer participates in E-Verify. The employer will provide the Social Security Administration (SSA) and, if necessary, the Department of Homeland Security (DHS) with information from each new employee's I-9 to confirm work authorization.
Vacancy posted 1 day ago
Similar jobs that could be interesting for youBased on the Director CyberSecurity in San Jose, CA vacancy
  • $252k - $340.9k

     ...and scale of hybrid attackers. For more information, visit About Vectra Vectra is the world leader in AI-driven cybersecurity, applying cutting-edge AI to detect and stop sophisticated cyberattacks across hybrid cloud, identity, and network environments.... 
    Suggested
    Worldwide

    VECTRA

    San Jose, CA
    1 day ago
  •  ...development platforms (e.g., GitLab, GitHub), issue tracking (e.g., Jira), and QMS/eQMS systems Familiarity with medical device cybersecurity deliverables: threat modeling, cybersecurity risk assessments, vulnerability assessments and mitigations/justifications and... 
    Suggested

    Imperative Care

    Campbell, CA
    4 days ago
  • $245k - $336k

     ...are, you’re in the right place. Who We Are In order to be the cybersecurity partner of choice, we must trailblaze the path and shape the...  ...that drives great outcomes. Job Summary As the Sr. Director of Product Partnerships, you will lead the strategic expansion... 
    Suggested
    Full time
    Work at office
    Shift work

    Palo Alto Networks, Inc.

    Santa Clara, CA
    2 days ago
  • $200k - $260k

     ...unveiling to the world soon. Our offices are in Emeryville and Santa Clara, California. About The Role: The Technical Manager, Cybersecurity is a hands‑on role responsible for managing the full lifecycle of enterprise cybersecurity tools, technologies, and detection capabilities... 
    Suggested
    Contract work
    Local area
    Remote work

    TryApplyNow

    Santa Clara, CA
    1 day ago
  • $233k - $318k

     ...seeking a highly accomplished, strategic, and collaborative Senior Director of Technical Accounting to lead our technical accounting and...  ...We’re trailblazers that dream big, take risks, and challenge cybersecurity’s status quo. It’s simple: we can’t accomplish our mission... 
    Suggested
    Contract work
    Visa sponsorship
    Work visa

    Palo Alto Networks, Inc.

    Santa Clara, CA
    2 days ago
  • $168k - $258.75k

     ...Certification or proven knowledge in ISO 26262, ISO/SAE 21434, or ISO 8800 is required. NVIDIA's evaluation now covers functional safety, cybersecurity, and AI/ML safety along with process maturity. Having expertise across different fields provides the team with great... 

    NVIDIA

    Santa Clara, CA
    4 days ago
  • $130k - $180k

     ...and works well under pressure in a fast‑paced environment. You have a passion for numbers, our organization has a passion for cybersecurity. You’re looking for a career with a more fulfilling mission. We have open positions to top talent seeking a financial challenge.... 
    Contract work
    Work experience placement
    Work at office
    Flexible hours

    Palo Alto Networks

    Santa Clara, CA
    15 hours ago
  • $122.5k - $175k

     ...part of the team that's helping to secure the AI age, we invite you to bring your talents to Zscaler and help shape the future of cybersecurity. We are looking for a Technical Success Manager to join our team. This is a remote, Northeast (NJ, DC, NYC, MA, NC)-based... 
    Full time
    Work at office
    Local area
    Remote work

    Zscaler

    San Jose, CA
    1 day ago
  • $141k - $229k

     ...of your career alongside people who are just as passionate as you are, you’re in the right place. Who We Are In order to be the cybersecurity partner of choice, we must trailblaze the path and shape the future of our industry. This is something our employees work at... 
    Full time
    Work at office
    Shift work

    Palo Alto Networks, Inc.

    Santa Clara, CA
    3 days ago
  • $130k - $180k

    A cybersecurity firm in the United States seeks a motivated Technical Revenue Manager to join their Technical Revenue team. The ideal candidate will have over 5 years of experience, demonstrate critical thinking, and effectively collaborate with various teams to manage... 

    Palo Alto Networks

    Santa Clara, CA
    2 days ago
  •  ...company match Paid holidays Health Care Plan (Medical, Dental, & Vision) Retirement Plan (401(k), IRA) Paid Vacation Time Training & Development Work‑From‑Home Option Wellness Resources #J-18808-Ljbffr ICE Consulting - Managed IT & Cybersecurity for Life Sciences
    Work from home

    ICE Consulting - Managed IT & Cybersecurity for Life Science...

    Milpitas, CA
    4 days ago
  • ICE Consulting - Managed IT & Cybersecurity for Life Sciences is seeking a Technical Account Manager in Milpitas, California. This role focuses on developing client relationships and managing their IT support needs, requiring a strong blend of technical expertise and customer... 
    Remote job
    Work from home

    ICE Consulting - Managed IT Services

    Milpitas, CA
    4 days ago
  • $224k - $231k

     ...Palo Alto Foundation Medical Group is seeking an experienced Physician Assistant Director to lead Advanced Practice Clinicians (APCs) across a broad portfolio of Medical Specialties and Continuum of Care programs. This is a dynamic leadership opportunity for an APC... 
    Local area

    Palo Alto Foundation Medical Group

    Santa Clara, CA
    1 day ago
  • $135k - $155k

     ...Senior Director of Member Engagement and Financial Wellness Senior Director of Member Engagement & Financial Wellness Come be a Difference Make r with us . We are searching for an experienced leader for the role of Senior Director of Member Engagement & Financial... 
    Immediate start
    Remote work

    CommonWealth Central Credit Union

    San Jose, CA
    1 hour ago
  • $159k - $255k

     ...of your career alongside people who are just as passionate as you are, you’re in the right place. Who We Are In order to be the cybersecurity partner of choice, we must trailblaze the path and shape the future of our industry. This is something our employees work at... 
    Full time
    Work at office

    Palo Alto Networks

    Santa Clara, CA
    4 days ago
  • Atomic Machines is seeking a Technical Manager, Cybersecurity to lead the detection and response program across cloud, OT/ICS, endpoint, identity, and network domains. The role combines strategic security direction with hands-on technical execution, coordinating an external... 

    TryApplyNow

    Santa Clara, CA
    1 day ago
  • $200k - $260k

    A leading micromanufacturing technology company based in California is seeking a Technical Manager, Cybersecurity. In this role, you will oversee the full lifecycle of enterprise security tools, ensuring robust protection across various domains. You are expected to manage... 

    Atomic Machines

    Santa Clara, CA
    4 days ago
  • $180.5k - $248.5k

    Who We Are Applied Materials is a global leader in materials engineering solutions used to produce virtually every new chip and advanced display in the world. We design, build and service cutting‑edge equipment that helps our customers manufacture display and semiconductor...
    Full time
    Relocation

    Applied Materials

    Santa Clara, CA
    2 days ago
  • $207.9k - $272.8k

     ...YOUR NEXT OPPORTUNITY The Director, Treasury is a key corporate leader responsible for shaping and managing the company's investment strategy within a growing electrical contracting organization. This role oversees the selection, allocation, and performance of a diversified... 
    Local area
    Shift work

    Rosendin Electric

    San Jose, CA
    5 days ago
  •  ...Interim Director of Continuous Improvement About the Company Respected provider of high-quality services Industry Consumer Services Type Privately Held About the Role The Company is in need of an Interim Director of Continuous Improvement... 
    Interim role

    Confidential

    San Jose, CA
    5 days ago
  •  ...Senior Director, Principal Gifts About the Company Philanthropic organization supporting Indigenous culture & individuals Industry Non-Profit Organization Management Type Non Profit Founded 2017 Employees 11-50 Categories... 

    Confidential

    San Jose, CA
    1 day ago
  • $10k

     ...Location and Job Title: Senior Director of Philanthropic Engagement Jewish Silicon Valley / Addison-Penzak JCC 14855 Oka Road Suite 200 Los Gatos, CA 95032 Principal Responsibilities: Focus: Individual Major Gifts, Acquisition, and Community Connectivity. Position Summary... 
    Work at office

    JCC Association of North America

    Los Gatos, CA
    2 days ago
  • $282k - $419.1k

    Job Description Summary: This job will lead complex projects and participate in problem resolution, driving global process improvements. You will manage key partnerships, ensuring retention and growth, and contribute to the development of partnership strategies. Essential...
    Work experience placement
    Local area
    Flexible hours

    SupportFinity

    San Jose, CA
    3 days ago
  •  ...as we shape the future of AI and beyond. Together, we advance your career. The Role The AMD Law Department is seeking a Director of Patent Litigation to support and manage the company's defensive patent litigation team. This role will report to the Sr. Director... 

    Advanced Micro Devices , Inc.

    San Jose, CA
    4 days ago
  •  ...are seeking a dynamic and compassionate leader to guide our Dialysis Services team. Position Overview : As the Executive Director of Dialysis Services , you will oversee the administration and clinical direction of all dialysis services within our health system... 
    Relocation package

    University Health

    San Jose, CA
    5 days ago
  •  ...Senior Director of Capture Management About the Company Multi-billion-dollar federal service contractor serving defense, intelligence, civilian, and international markets. Industry Defense & Space Type Privately Held About the Role... 
    For contractors

    Confidential

    San Jose, CA
    4 days ago
  • $100k - $300k

     ...Political Director SEIU Local 521 was founded in 2007 when 5 local unions came together in the Bay Area, Central Coast and Central Valley to form one larger, more powerful union. Together our members are building a true 21st century union fighting to empower and improve... 
    Local area
    Flexible hours
    Night shift
    Weekend work
    Afternoon shift

    Service Employees International Union 521

    San Jose, CA
    3 days ago
  • $227.8k - $338.8k

     ...Director, Legal NetApp is the intelligent data infrastructure company, combining unified data storage, integrated data services, and cloud operations services to turn a world of disruption into opportunity for every customer. This role reports to the Vice President... 
    Contract work
    Worldwide

    NetApp

    San Jose, CA
    4 days ago
  •  ...students rise to the level of challenge they're given, you'll feel right at home here. Position Summary The AoPS Academy Campus Director at our Saratogacampus leads a vibrant, dynamic enrichment program where each day brings new opportunities to engage students,... 
    Full time
    Part time
    Summer work
    H1b
    Local area
    Relocation package
    Monday to Friday
    Shift work
    Weekend work
    Afternoon shift

    Art of Problem Solving

    Saratoga, CA
    3 days ago
  •  ...retention. Leadership Development Design and deliver leadership development programs for front line leaders, emerging leaders, managers, directors, and executives. Create scalable leadership capability models aligned with company values and growth expectations. Coach senior... 

    Dormont Manufacturing Company

    San Jose, CA
    1 day ago

Do you want to receive more vacancies?

Subscribe and receive similar vacancies to Director CyberSecurity. Be the first to apply!