Booking Holdings Romania - Senior Incident Management Specialist - Cyber Security & Fraud

Acest job nu mai este activ!

Vezi toate job-urile Booking Holdings active.

Vezi toate job-urile Booking Holdings Romania - Senior Incident Management Specialist - Cyber Security & Fraud active pe

Vezi toate job-urile in Internet - eCommerce active pe

Vezi toate job-urile in IT Hardware active pe

Vezi toate job-urile in IT Software active pe

Angajator: Booking Holdings
  • Internet - eCommerce
  • IT Hardware
  • IT Software
  • Tip job: full-time
    Nivel job: 1 - 5 ani experienta
  • Actualizat la: 19.06.2024
    Remote work: Hybrid

    Booking Holdings Romania is a Center of Excellence based in Bucharest, Romania and was created to support the increasing business demands of the Booking Holdings Brands. The Center of Excellence provides access to specialized and highly skilled talent, leading industry best practices, and collaboration opportunities across all of our Brands.

    As part of our Booking Holdings Romania team, you will have the opportunity to be a part of the world's leading provider of online travel, with a mission of making it easier for everyone to experience the world through six-primary consumer facing brands:, Priceline, Agoda, KAYAK, OpenTable and

    Role description

    The Senior Incident Response Specialist - Security & Fraud will have a hybrid role covering both the strategic incident response program as well as acting as an escalation point for IR teams and providing operational incident management services during high priority cyber security and fraud incidents spanning multiple business units with high exposure to senior stakeholders.

    A Senior Incident Response Specialist is expected to have a deep understanding of elements of frameworks (ITIL, NIST, ACFE etc) relating to incident response and be able to translate these best practices into practical and effective policies and procedures fit for purpose at Alongside this iterative program work, Group Incident Manager will be measuring and reporting on the effectiveness of the various incident response teams within the Security & Fraud department in order to target training and process improvements on areas that actually need it and support those steps with relevant data points.

    A Senior Incident Response Specialist will be expected to be on call for at least 1 week per month and will have to be flexible with working hours given the nature of the role. The Senior Incident Response Specialist will be called upon to coordinate efforts during incident response when high priority cyber security or fraud incidents occur. The Senior Incident Response Specialist is responsible for the entire end to end management of an incident from the preparation phase right through to the post incident activities driving containment and remediation of incidents and escalating to the Crisis Management Team when necessary.

    This role will at times be in contact with senior leadership, to ensure transparency and clarity of the current state of events, so the ability to communicate clearly and concisely, both in written and verbal form, is crucial to the role's success.

    Key Job Responsibilities and Duties

    Incident Response Management (Tactical & Programmatic)

    • Acts as Incident Manager for critical cyber and fraud incidents with high business impact, including 24/7 on-call for at least 1 week per month.
    • Drives incident response program elements to ensure IR effectiveness and readiness.
    • Ensures that key stakeholders are kept up to date on key developments in a timely manner during IR.
    • Facilitates onboarding and table top exercises to support continuous improvement and increase maturity level of IR capability.
    • Is connected with emerging threats, security flaws, and vulnerabilities
    • Consult with incident response teams to ensure that they are adequately prepared for incident response activities.
    • Creates and facilitates workshops and training sessions for teams with specific improvement areas regarding IR activities.
    • Collaborates with problem management functions to ensure that retrospective findings are remediated.

    Communication and Partnerships

    • Develops relationships with key security partners across
    • Ensures to effectively receive buy-in from key stakeholders both within the Security department and across the business on strategic IR program initiatives.
    • Carries out regular reporting with clarity and key insights providing solutions and accurate timelines.
    • Actively builds and leverages a network across the industry.

    Innovation and Excellence

    • Identifies (both proactively and reactively) opportunities to improve incident management/response processes.
    • Takes the lead and holds capability area leads accountable for improving incident detection, response, and remediation.
    • Continually iterates on existing governance mechanisms to adhere to both industry best practices and ensure that it fits in with operations.
    • Identifies new tooling opportunities, building business cases and escalating as appropriate.

    Leadership - technical / non-technical

    • Demonstrates strategic mindset and ability to input into the 2-3 year roadmap for the functional area.
    • Leader within the Security organization and contributes to broader strategic projects to improve overall security posture.
    • Role models Incident Management best practices during IR activities identifying potential IM talent within the organization.

    Vendor Management

    • Identifies vendor opportunities and effectively manages them as needed.

    Role Qualifications and Requirements

    • Bachelors/Masters Degree in a relevant field (Computer Science, Criminology, Homeland Security, or equivalent experience in academia, business, or government).
    • 5-8+ years relevant Job Knowledge
    • 5+ years experience with incident management in a fast-paced and highly dynamic environment.
    • Incident management skills: able to set priorities, pursue multiple threads at the same time, accurately reflect current state and drive towards desired state.
    • Certification of cybersecurity, Forensic, and Incident response is a plus (eg. CISSP, CISM, GISP, GCIH, GCFE, GCFA, CIPR).
    • Experience of being on-call and working flexible hours.
    • Excellent written and verbal communication skills are required, including the ability to communicate technical concepts clearly and effectively.
    • Experience communicating with senior stakeholders in high pressure situations.
    • Thrives within a global and inclusive working environment.
    • Knowledge of frameworks such as PCI, SOX, NIST, ITIL and GDPR is advantageous.
    • This can be a stressful, pressure-packed job. We need you to be flexible, adaptable and down-to-earth and an expert in multi-tasking.
    • Bachelors/Masters Degree in a relevant field or equivalent experience.

    Benefits & Perks

    • Contributing to a high scale, complex, world renowned product and seeing real-time impact of your work on millions of travelers worldwide
    • Working in a fast-paced and performance driven culture
    • Technical, behavioral and interpersonal competence advancement via on-the-job opportunities, experimental projects, hackathons, conferences and active community participation
    • Competitive compensation and benefits package
    • Vast amounts of data to validate your ideas and the opportunity to experiment with real users

    Booking Holdings is proud to be an equal opportunity workplace and is an affirmative action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, or veteran status. We strive to move well beyond traditional equal opportunity and work to create an environment that allows everyone to thrive.

    Pre-Employment Screening:

    If your application is successful, your personal data may be used for a pre-employment screening check by a third party as permitted by applicable law. Depending on the vacancy and applicable law, a pre-employment screening may include employment history, education and other information (such as media information) that may be necessary for determining your qualifications and suitability for the position.