Senior Business Security Analyst - Fintech
- Full-time
- Company: Booking
Job Description
We’re a truly global e-commerce company, with business operations in nearly every country and city on the planet. And we want to make it easy for everyone, anywhere in the world, to pay for their travel or do business with our platform – whenever and however it’s convenient for them.
This role will be a partner of the FinTech Business Unit. FinTech develops new products and drives innovation to help us continue removing financial friction from the travel process. That makes buying and selling travel-related products and services simpler for both travelers and partners.
As a Senior Business Security Analyst, you will support the delivery and alignment of cybersecurity and risk management goals and objectives within the Business Unit. This position is being created to support the principle of ‘Global Oversight with Regional/Functional Insight’, meaning we believe that risk management and cybersecurity implementation are best executed at the point closest to the actual risk and with the insights and understanding of the unique business context. The position will also support the goals of Booking.com and Booking Holdings brands with respect to payment services, products and strategic projects.
In this role you will report directly to the Business Information Security Officer (BISO), who is responsible for ensuring the security of Fintech's information assets and systems supporting business services and products. You will work with the Business Unit’s product teams and the BISO to continuously improve the information security posture by ensuring the consistent application and alignment of Booking.com’s policies and procedures.
You will require a good understanding of the company’s key assets and processes, its unique business requirements, the information security program and the continuous alignment between these processes & requirements. You will combine these information sources to address residual risk by supporting security enhancements within the area of responsibility. The role is a critical partner for the Business Unit’s general management team and operating groups and will represent security in daily operations.
B.responsible
- Support the Business Information Security Officer (BISO) to deliver tactical and strategic security improvements in line with the overarching security strategy.
- Act as liaison between the cyber organization and Fintech and relevant BHI brands.
- Enable monitoring of the security control implementation within the business unit in collaboration with the security capability area leads and security program managers.
- Represent the BISO at meetings and act on the BISO's behalf as requested.
- Support alignment of “Security by Design” and the cybersecurity regulatory requirements for the Business Unit’s existing & new services and products to enable Booking.com’s customers and partners’ connected trip experience.
- Proactively identify information security deficiencies or opportunities for improvement to better enable business security at the global level.
- Help the business unit understand and mitigate the cyber risks identified in line with the company's risk appetite.
- Support effective collaboration between the business unit teams and the Security & Fraud organization.
- Guide and support the business unit in following the appropriate security procedures, such as product and services risk assessments and exception management exercises, ensuring completeness and alignment to standard baselines or Booking.com’s security policies.
- Support escalations for information security issues identified by security teams and/or the business units themselves.
- Work with security insights teams to ensure that security metrics and reports receive the right level of attention in the target business unit.
- Continuously analyze and improve business unit specific security metrics.
- Assist the Business Unit in cyber incidents management and supporting incident coordination as required.
- Provide domain expertise on various cyber threats to business unit leadership.
- Support the BISO in ensuring the business unit is properly serviced by the security teams in line with the agreed SLAs and risk mitigation needs.
- Enable the alignment of the regulatory requirements for the regulated services such as payments products or services in b.com and/or B.com brands when applicable.
B.skilled
- Five to eight years of relevant experience.
- Must have demonstrable experience in cybersecurity domains. This includes a wide range of topics from security policy development and implementation, GRC, cybersecurity metrics capture and analysis, and controls implementation.
- Experience in aligning cybersecurity controls in regulated business domains, specifically banking, fintech services or products.
- Good understanding of security standards including NIST Risk Management Framework, NIST 800-53 controls, ISO 27000, PCI DSS, GDPR. Previous experience working with one of these frameworks.
- Good understanding of key security controls. This includes application of the Cyber Kill Chain in large enterprise environments.
- Experience participating in security incident response and coordinating activities is a plus.
- Ability to demonstrate security experience via certifications or significant career accomplishments.
- Broad understanding of ISRM practices, methodologies and technology.
- Strong leadership, communication, consulting, decision-making and influencing skills.
- Superb communication and presentation skills, and ability to successfully communicate with stakeholders at different levels.
- Ability to develop and maintain strong relationships across technical as well as non-technical stakeholders.
- Solid team player.
- Innovative and strategic thinker.
- Empowers others via delegation.
B.offered
- Contributing to a high scale, complex, world-renowned product and seeing real-time impact of your work
- Working in a fast-paced and performance-driven culture
- Competitive compensation and benefits package
- Free access to Headspace for you and your loved ones
- Meditation and Breastfeeding rooms at the office
- Booking Cares – 2 days per year to volunteer and learn
- Pension plan
- Referral bonus
- Life and disability insurance
- 29 days of annual paid time off
- Parent leave – 22 weeks
- Working from Abroad – work from your home country and/or the EU for 20 days per year