• 3-5 years of combined Information Security or Information Technology Experience
• 3-5 years of focus on vulnerability management programs.
• B.S. or M.S. Computer Science or a related field, or equivalent experience
• Firm understanding of MITRE ATT&CK framework & TTPs
• Practical experience using configuration management tools (Puppet preferred, Ansible or Chef accepted) to manage security tooling at scale.
• Solid understanding of software supply chain risks
• Hands-on experience building or maintaining SOAR workflows for security automation use cases.
• Knowledge of application and infrastructure security
• Experience working with cloud environments is a plus
• Understanding of common operating systems, networking protocols, and databases
• Strong scripting or equivalent programming experience

• Own end-to-end infrastructure vulnerability management, including scanner deployment, agent lifecycle management, scan policy tuning, and SLA-driven remediation workflows.
• Deploy and maintain scanning agents at scale using IaC/CM tooling such as Puppet, Ansible or Chef across heterogeneous environments.
• Integrate vulnerability scanning into CI/CD pipelines and conduct supply chain security assessments, tracking open-source dependencies and third-party components for known CVEs and emerging threats.
• Monitor and triage threat intelligence feeds (NVD, CISA KEV, vendor advisories, OSINT sources) to assess new vulnerability disclosures and translate them into prioritized remediation actions.
• Build and maintain SOAR playbooks to automate alert triage, ticket creation, enrichment, and escalation, reducing manual toil across the vulnerability management lifecycle.
• Define and enforce vulnerability severity thresholds and SLA policies in collaboration with other teams.
• Drive actionable metrics, prioritization and reporting for operations and leadership transparency
• Participate in security reviews of new infrastructure and application designs to identify vulnerability exposure early in the development lifecycle.
• Previous experience with SIEM dashboards and other reporting tools for incident response is nice to have
• Be readily available for incident response, forensics, troubleshooting, and security issues requiring event details.
• Maintain an up-to-date level of knowledge related to security threats, vulnerabilities, and mitigations set forth to reduce attack surface.
• Connect events to contextual security reports that security management and technical teams can easily comprehend.
• You will form repeatable processes for prioritizing and responding to alerts and developing playbooks.
• Develop enrichment pipelines and automation to enhance the fidelity of threat detections.
• Strong communication skills are required as well as the ability to work both independently and with a team.
• Assist with the creation and/or maintenance of operational security metrics with dashboards and reports

• Health insurance
• Prepaid medical subscription (Regina Maria)
• Life insurance
• Meal vouchers
• Learning wallet
• Travel benefit
• Annual vacation leave of 25 business days, pro rata with the working period
• Birthday day off
• Summer break (short Fridays during summer)
• Work from Abroad program (up to 20 days/year in EU)
• Floating days off
• 2 Volunteer days/ year
• Home office one-time bonus
• Bookster
• Linkedin learning platform
• Employee discounts (travel, gym, dental, vision)

Booking Holdings Center of Excellence is part of Booking Holdings, the world's leading provider of online travel and related services, with a rich heritage of digital innovation. The Center provides access to specialized and highly skilled talent, supports projects powered by new and emerging technologies, leverages industry best practices, and fosters collaboration opportunities across all of the Booking Holdings brands, including Booking.com, Priceline, Agoda, KAYAK and OpenTable.

If you are interested to find out more about the Booking Holdings Center of Excellence visit our website: www.bookingholdings-coe.com.

Booking Holdings (NASDAQ: BKNG) is the world’s leading provider of online travel and related services, provided to consumers and local partners in more than 220 countries and territories through five primary consumer facing brands: Booking.com, Priceline, Agoda, KAYAK and OpenTable. The mission of Booking Holdings is to make it easier for everyone to experience the world.