Booking Holdings Romania is a Center of Excellence based in Bucharest, Romania and was created to support the increasing business demands of the Booking Holdings Brands. The Center of Excellence provides access to specialized and highly skilled talent, leading industry best practices, and collaboration opportunities across all of our Brands.
As part of our Booking Holdings Romania team, you will have the opportunity to be a part of the world’s leading provider of online travel, with a mission of making it easier for everyone to experience the world through five-primary consumer facing brands: Booking.com, Priceline, Agoda, KAYAK and OpenTable.
Role description
As an Infrastructure Vulnerability Analyst you will work as a member in the Infrastructure Vulnerability Management team (IVM), responsible for reducing Booking.com attack surface.
The Vulnerability Management function is very critical to the company and it is often required to work with system owners, security management and the security operations track. It covers a range of security disciplines from vulnerability management, access control, alert and response management through the measurement and reporting of the organization’s security posture. As a member of this team, you will participate in the defense of one of the world’s leading e-commerce organizations and have the opportunity to learn and develop skills in a truly world leading security practice.
This role provides a hybrid way of working with an onsite presence of 2 days/week.
Key Job Responsibilities and Duties
- Support identification of vulnerabilities by enhancing vulnerability identification at process and technology level
- Own and manage infrastructure vulnerability scanning process and tools to align with vulnerability identification KPIs
- Support identification, triaging, assignment and remediation of infrastructure vulnerabilities ensuring that vulnerability management lifecycle is followed
- Monitor and review cloud vulnerability and compliance vulnerability assessment findings for different cloud environments
- Support customers by answering vulnerability management related questions and providing the guidance needed for patching
- Monitor and review container and image scanning capabilities and conduct analysis on vulnerabilities to ensure remediation
- Timely respond to security threats by collaboration with other security teams and provide effective remediation solutions complemented by compensatory controls
- Work with the CSIRT on the detection and mitigation of incidents
- Perform validation of moderately to highly complex vulnerability security reports
- Provide data driven insights into improvement opportunities for infrastructure vulnerability management processes
- Prepare reports for technical teams, compliance deliverables and executive management highlighting current status of infrastructure from vulnerability management perspective
- Work with engineering teams for effective patch management by providing highly customized reports and vulnerability metrics
- Provide support for infrastructure penetration testing assessments and PCI compliance assessments
- Follow up and mitigate the findings of infrastructure penetration testing assessments and PCI compliance assessments
- Drive the remediation process to ensure vulnerable assets are patched or remediated with compensating controls within agreed SLAs
- Proactively research new methods, tools, and strategies to effectively identify infrastructure vulnerabilities
Role Qualifications and Requirements
- Bachelor Degree
- 3 to 5 years of relevant experience
- Advanced level of understanding regarding systems hardening , security configuration baselines at both technical and procedural level
- Advanced level of understanding of infrastructure vulnerability scanning tools e.g network, cloud, container and image scanning solutions
- Experience with implementing and maintaining scanning tools for endpoints, bare-metal, cloud and containers
- Experience with Docker and Kubernetes environment with good understanding of container and image vulnerability remediation processes
- Excellent interpersonal and communication skills in order to share knowledge and to communicate effectively with different stakeholders (IT and business partners)
- Relevant industry certification i.e SANS - ISACA - ISC2 (a plus)
- Excellent communication skills, good analytical and negotiation skills, close attention to detail required
- Demonstrated adaptability to change, customer focus, continuous learning, and problem solving required
Benefits & Perks
- Contributing to a high scale, complex, world renowned product and seeing real-time impact of your work on millions of travelers worldwide
- Working in a fast-paced and performance driven culture
- Technical, behavioral and interpersonal competence advancement via on-the-job opportunities, experimental projects, hackathons, conferences and active community participation
- Competitive compensation and benefits package
- Vast amounts of data to validate your ideas and the opportunity to experiment with real users
Booking Holdings is proud to be an equal opportunity workplace and is an affirmative action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, or veteran status. We strive to move well beyond traditional equal opportunity and work to create an environment that allows everyone to thrive.
Pre-Employment Screening
If your application is successful, your personal data may be used for a pre-employment screening check by a third party as permitted by applicable law. Depending on the vacancy and applicable law, a pre-employment screening may include employment history, education and other information (such as media information) that may be necessary for determining your qualifications and suitability for the position.
