Our Technology team is the backbone of our company: constantly creating, testing, learning and iterating to better meet the needs of our customers. If you thrive in a fast-paced, ideas-led environment, you’re in the right place.
Priceline is looking for a principal for our Product Security team. This technical leader passionate about application security, interested in a high-profile role at a major ecommerce company.
Priceline is the best travel dealmaker in the world and attackers are always drawn to success. In this leadership role you will own the security of our ecommerce platform, including our websites, mobile apps, and other sales channels.
You will work with our dev teams to ensure vulnerabilities are fixed in a timely manner. You’ll help our devops and release teams improve security in the CICD pipeline. You’ll collaborate with our product owners regularly to ensure the prioritization of security goals. You’ll provide guidance on account, session, and transaction security. You’ll manage our active, public bug bounty program, and you will advocate for a secure, trustworthy platform for our customers, suppliers and employees.
- Own application security for priceline.com
- Passionately communicate security priorities to dev, product, and support teams
- Lead technology and application assessments, provides technical consultation and ensures system security functionality
- Design, implement and support security-focused tools and services
- Design and monitor goals and OKRs for teams to improve site security, report to leadership on same
- Respond to system security concerns, work with other teams and third party vendors to resolve security issues
- Develop creative improvements to security system capabilities
- Participate in investigations of security incidents and prepare security incident reports documenting the findings
- Curiosity and creativity in breaking and defending modern web applications
- Understanding of common application security vulnerabilities with the ability to explain to a diverse audience without hype or buzzwords
- Comfort with network, server, and application log analysis and correlation
- Be willing and able to talk to anyone about security topics
- Dive deep into challenging issues and taking ownership for resolving them
- Have the ability to work with technical and non-technical business owners to get things done
- Have the ability to handle multiple competing priorities in a fast-paced environment
- Demonstrated history of living the values important to priceline: Customer, Innovation, Team, Accountability and Trust. Unquestionable integrity and ethic.
- Bachelor’s Degree in IT, Computer Science or equivalent work experience.
- 8+ years technical work experience.
- Experience with the following: Application security testing tools, developer security tooling, log and event correlation tools. Strong understanding of modern web application security.
- Experience in a PCI-compliant environment
Priceline is an equal opportunity employer in accordance with all applicable federal, state and local laws.