Business Security Analyst
At Booking.com, our mission is to make it easier for everyone to experience the world. As our technology landscape, regulatory environment, and product ecosystem continue to evolve, we need practical and scalable approaches to risk, controls, and compliance that support the business without slowing it down.
About the team:
An individual contributor role assigned to support a Business Information Security Officer (BISO) who is assigned to one or more Business Units (BU). The role is an embedded Security, Safety, & Fraud (SS&F) analyst responsible for supporting the BISO in driving the SS&F strategy within each BU; partnering with SS&F to support delivery of products/tools/services that are fit for purpose. Within the BU, the BSA works primarily with the Tech and Product teams with the aim to improve the security, safety, and fraud risk posture of the BU. The role supports BU’s adoption of the SS&F capabilities and standards and the continuous improvement of the latter based on BU feedback and requirements. By identifying BU gaps and risks related to SS&F, the BSA supports the BISO in enabling the business to achieve their goals while addressing their most relevant risks.
About the role:
Reporting to a Risk & Compliance Manager the BSA is an embedded analyst enabling the BISO to define and oversee the business unit’s security, safety, and fraud roadmap to enable the BU to meet their objectives in a secure and compliant manner. The BSA understands the security, safety, & fraud threat landscape and risk posture, and how those apply in their respective business units. More specifically, the BSA:
Key Responsibilities and Duties:
Assessing, identifying, reporting, and monitoring the SS&F risks within the BU by supporting the BISO in periodic and relevant insights to BU leadership that drive risk based decisions and prioritization of actions
Champions and promotes SS&F awareness in the BU
Support in building productive relationships with business stakeholders
Representing the BISO at meetings and act on behalf of as requested
Support the BISO in delivering operational and tactical security improvements in line with the overarching security strategy while supporting the Business Information Security Officer (BISO)
Understanding and keeping up to date with BU specific SS&F related security regulations
BU and SS&F collaboration support
Feedback and BU requirements towards the SS&F capabilities and services for continuous improvement
Support and analysis of SS&F risk acceptances
Support and analysis of SS&F risk remediation and mitigation activities
Support and analysis during SS&F incidents management
Qualifications and Skills:
3 to 5 years of experience in one or more of Cyber Security, Safety, and Fraud topics
Understanding of technology processes and practices (e.g., change management, Secure Software Development Lifecycle, Identity and Access Management, IR, Incident Management, Data Governance)
Experience in IT Risk Management
Excellent English communication skills
Experience in stakeholder management and ability to effectively engage and influence individual technical staff
Creative problem-solver able to communicate concepts to a limited audience and create clarity
Additional cybersecurity qualifications such as CISM, CISSP, CISA, CRISC, AIGP, or similar are an advantage
Organized, with attention to detail and execution skills
Experience in the analysis and assessment of security programs
Good understanding of security best practices and standards such as NIST Cybersecurity Framework, ISO27001, and PCI DSS
Experience participating in security, safety, and fraud incident response activities
Bachelor’s degree in computer science or related field or equivalent experience
Benefits & Perks - Global Impact, Personal Relevance:
Booking.com’s Total Rewards Philosophy is not only about compensation but also about benefits. We offer a competitive compensation and benefits package, as well unique-to-Booking.com benefits which include:
Annual paid time off and generous paid leave scheme including: parent, grandparent, bereavement, and care leave
Hybrid working including flexible working arrangements, and up to 20 days per year working from abroad (home country)
Industry leading product discounts - up to 1400 per year - for yourself, including automatic Genius Level 3 status and Booking.com wallet credit
Diversity, Equity and Inclusion (DEI) at Booking.com:
Diversity, Equity & Inclusion have been a core part of our company culture since day one. This ongoing journey starts with our very own employees, who represent over 140 nationalities and a wide range of ethnic and social backgrounds, genders and sexual orientations.
Take it from our Chief People Officer, Paulo Pisano: “At Booking.com, the diversity of our people doesn’t just build an outstanding workplace, it also creates a better and more inclusive travel experience for everyone. Inclusion is at the heart of everything we do. It’s a place where you can make your mark and have a real impact in travel and tech.”
We ensure that colleagues with disabilities are provided the adjustments and tools they need to participate in the job application and interview process, to perform crucial job functions, and to receive other benefits and privileges of employment.
Application Process:
Let’s go places together: How we Hire
This role does not come with relocation assistance.
Booking.com is proud to be an equal opportunity workplace and is an affirmative action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, or veteran status. We strive to move well beyond traditional equal opportunity and work to create an environment that allows everyone to thrive.
Pre-Employment Screening
If your application is successful, your personal data may be used for a pre-employment screening check by a third party as permitted by applicable law. Depending on the vacancy and applicable law, a pre-employment screening may include employment history, education and other information (such as media information) that may be necessary for determining your qualifications and suitability for the position.
Pre-Employment Screening
If your application is successful, your personal data may be used for a pre-employment screening check by a third party as permitted by applicable law. Depending on the vacancy and applicable law, a pre-employment screening may include employment history, education and other information (such as media information) that may be necessary for determining your qualifications and suitability for the position.