Apply on Employer Site

Expedia Group · 5 days ago

Director, Technology Audit

Seattle, WA

Full-time

Hybrid

Director/Executive

$208K/yr - $290K/yr

12+ years exp

Expedia Group is a global leader in travel technology, committed to making travel smoother and more memorable. The Director of Technology Audit will lead the global IT audit team, serving as the primary liaison to senior leadership on IT risk and governance, while developing talent and ensuring effective audit processes.

CommunitiesInternetReservationsTask ManagementTechnical SupportTicketingTourismTransportationTravel

H1B Sponsor Likely

Responsibilities

Serve as the primary liaison to senior leadership on IT Risk and IT Governance while building a high-performing team that delivers measurable impact

This role offers visibility at the highest levels of the organization and requires a balance of strategic foresight, technical expertise, hands-on leadership and has strong communication skills to influence and align partners (including senior leaders) to manage risk, protect Expedia Group, drive transparency and deliver exceptional audit results

Experienced people-leader capable of building high-performing teams and can communicate IT risks with a business context

Lead and mentor a team of IT audit and compliance professionals, providing guidance and support in their professional development

Holds self and team accountable for setting and meeting departmental goals

Helps team members identify and build key relationships and networks inside and outside the organization

Inspires and gains the commitment of others towards the vision, mission, values and organizational goals

Qualification

Technology AuditIT Risk ManagementSecurity ComplianceProfessional CertificationsCyber Security ConceptsCloud OperationsData GovernanceData Privacy ComplianceBig DataLeadershipCommunication SkillsProblem SolvingCritical ThinkingCollaboration

Required

12+ years of relevant experience in Technology Audit, Product Security, Security Engineering or Security Compliance preferably within the technology sector and/or Big4 consulting

Bachelor's and/or master's. Preferably in computer science or engineering

Professional certifications such as CISSP, CISM, GIAC, CCNA, CISA, CRISC, or CIA

Experience working in a global organization and managing projects across different time zones

Strong understanding of technology risk and security fundamentals across various cyber domains: IAM, applied cryptography, key management systems, data security, application security, web security, security protocols, API Design, threat intelligence, network security, hardware security, vulnerability management, etc

IT General Controls (Logical Access, Change Management, IT Operations, Program Development/SDLC)

Expertise in implementing or assessing the SDLC process, technology, and automation in a DevOps environment. Familiarity logging technologies, system monitoring, and security event management

Proven analytical ability to assess complex technology environments against risk assessment outcomes, industry best practices, internal standards and external regulatory requirements

Excellent problem solving, critical thinking, collaboration and communication skills combined with the ability to provide a credible technical challenge to the business

Preferred

Cyber security concepts, risks and practices (e.g., identity access management, vulnerability management, security governance, software development, auditing and logging, micro segmentation, secure access services, PKI) and security frameworks such as NIST, ISO 27000

Cloud operations (e.g., Cloud architecture, infrastructure, networks, secure compute workloads, resiliency, data encryption, account and key management, identity access management, software development in the cloud)

Data governance (e.g., frameworks, policies, third-party data risks, and data security and protection)

Data privacy compliance including GDPR, CCPA, HIPAA, and other regulations; Artificial intelligence, Governance and risk management

Utilizes knowledge of the IIA framework, IT controls framework, risk frameworks, technical frameworks, emerging risks, regulatory compliance requirements, etc. to identify, design, and drive programs and analyses that support the organization's mission

Big Data (e.g. data analysis and visualization tools, data engineering modeling, scripting language such as SQL or Python)

Benefits

Medical/dental/vision

Paid time off

Employee Assistance Program

Wellness & travel reimbursement

Travel discounts

International Airlines Travel Agent (IATAN) membership

Company

Expedia Group

Glassdoor3.9

At Expedia Group (NASDAQ: EXPE), we believe travel is a force for good – it opens minds, builds connections, and bridges divides.

Founded in 1996

Seattle, Washington, USA

10001+ employees

https://www.expediagroup.com

H1B Sponsorship

Expedia Group has a track record of offering H1B sponsorships. Please note that this does not guarantee sponsorship for this specific role. Below presents additional info for your reference. (Data Powered by US Department of Labor)

Distribution of Different Job Fields Receiving Sponsorship

Represents job field similar to this job

Trends of Total Sponsorships

2025 (519)

2024 (410)

2023 (382)

2022 (629)

2021 (483)

2020 (366)

Funding

Current Stage

Public Company

Total Funding

$4.25B

Key Investors

TCV

2025-02-21Post Ipo Debt· $985M

2020-04-23Post Ipo Equity· $1.2B

2020-04-23Post Ipo Debt· $2B

Leadership Team

Ariane Gorin

Chief Executive Officer

Ramana Thumu

Chief Technology Officer

Recent News

PhocusWire

Travel investment, acquisitions and public market plays in 2025

2026-01-16

expedia

Expedia.com Expedia, Inc. Announces $60 Million Financing from Technology Crossover Ventures and Microsoft Corporation

2026-01-08

PhAndroid.com

8BitDo’s FlipPad Turns Your Phone Into a Game Boy

2026-01-07

Company data provided by crunchbase