• 3-5 years of relevant experience in a similar role
• Bachelor's Degree in a relevant field

• Detection-as-Code (CI/CD) and Signal Optimization
• SOAR & IR Automation (low-code workflows, Tines plus)
• System Resilience, Lifecycle Management, and AI Solutioning
• Python Scripting (APIs, webhooks)
• Log Querying: SQL, Logscale, KQL, or SPL
• DevOps: IaC (Terraform/Puppet) and CI/CD (GitHub/GitLab)
• Identity & Access Governance (Okta/Entra ID)
• Public Cloud & Container Security (AWS, Azure, GCP)
• Data Security (DLP) and Compliance (PCI-DSS, SOX, GDPR)
• Security Systems Integration & Operational Knowledge (SOC, IR, CSIRT)

• Highly motivated and passionate
• Excellent collaboration and communication skills
• Can-Do, solution-oriented, and delivery-focused approach
• Flexible, practical, and quick to adapt
• Demonstrates ownership, accountability, and proactiveness
• Seeks continuous improvement
• A humble team player
• Represents a plus
• Hands-on experience with Tines (no-code automation platform)

• Infrastructure Management: Owns the end-to-end technical lifecycle, deployment, and optimization of enterprise Data Security platforms (specifically CASB/DLP) across multi-cloud and enterprise environments.
• System Reliability: Applies SRE (Site Reliability Engineering) practices to ensure the continuous availability and performance of security telemetry pipelines and detection engines.
• Engineering for Scale: Implements "Security as Code" using Terraform, Puppet, and Git to automate the deployment of data protection policies across all Booking Holdings brands.

• Use Case Development: Designs and implements high-fidelity detection logic by correlating data security telemetry with wider security datasets (SIEM/XDR) to identify advanced threat actor TTPs.
• Operational Efficiency: Responsible for the continuous tuning and optimization of alert precision to reduce false-positive rates, directly improving the "Signal-to-Noise" ratio for the 24/7 Security Operations Center (SOC).
• Telemetry Enrichment: Engineers data pipelines to ensure all security events are enriched with relevant context (Identity, Asset, Geolocation) before reaching incident response teams.

• Orchestration Development: Develops and maintains Python-based automation playbooks within the SOAR platform to execute real-time, automated containment actions (e.g., automated session revocation).
• Systems & Reliability: Acts as the technical escalation point for the Cyber Defense & Response team during critical systemic bottlenecks, large-scale alert floods and platform outages and participates in a shared 24/7 on-call rotation to ensure continuous operational resilience
• Process Improvement: Continuously identifies manual gaps in the Incident Response lifecycle and implements engineering solutions to reduce Mean Time to Remediate (MTTR).

• Technical Liaison: Collaborates with Product and Infrastructure teams across various brands to integrate security controls into their workflows without impacting business velocity.
• Audit & Assurance: Provides technical evidence and documentation for regulatory requirements (PCI-DSS, GDPR, SOX) to ensure that engineering controls remain compliant and effective.
• Documentation: Maintains rigorous technical documentation of all detection logic, automation scripts, and platform architectures to ensure team-wide knowledge transfer.

• Health insurance
• Prepaid medical subscription (Regina Maria)
• Life insurance
• Meal vouchers
• Learning wallet
• Travel benefit
• Annual vacation leave of 25 business days, pro rata with the working period
• Birthday day off
• Summer break (short Fridays during summer)
• Work from Abroad program (up to 20 days/year in EU)
• Floating days off
• 2 Volunteer days/ year
• Home office one-time bonus
• Bookster
• Linkedin learning platform
• Headspace
• Employee discounts (travel, gym, dental, vision)

Booking Holdings Center of Excellence is part of Booking Holdings, the world's leading provider of online travel and related services, with a rich heritage of digital innovation. The Center provides access to specialized and highly skilled talent, supports projects powered by new and emerging technologies, leverages industry best practices, and fosters collaboration opportunities across all of the Booking Holdings brands, including Booking.com, Priceline, Agoda, KAYAK and OpenTable.

If you are interested to find out more about the Booking Holdings Center of Excellence visit our website: www.bookingholdings-coe.com.

Booking Holdings (NASDAQ: BKNG) is the world’s leading provider of online travel and related services, provided to consumers and local partners in more than 220 countries and territories through five primary consumer facing brands: Booking.com, Priceline, Agoda, KAYAK and OpenTable. The mission of Booking Holdings is to make it easier for everyone to experience the world.