Job Description

Director, Risk Management Location: Austin, Texas, United States Type: Full-time Regular Last Updated: 10/22/2025 Expedia Group brands power global travel for everyone, everywhere. We design cutting-edge tech to make travel smoother and more memorable, and we create groundbreaking solutions for our partners. Our diverse, vibrant, and welcoming community is essential in driving our success. Why Join Us? To shape the future of travel, people must come first. Guided by our Values and Leadership Agreements, we foster an open culture where everyone belongs, differences are celebrated and know that when one of us wins, we all win. We provide a full benefits package, including exciting travel perks, generous time‑off, parental leave, a flexible work model (with some pretty cool offices), and career development resources, all to fuel our employees' passion for travel and ensure a rewarding career journey. We are building a more open world. Join us. Introduction to the team Expedia Technology teams partner with our Product teams to create innovative products, services, and tools to deliver high-quality experiences for travelers, partners, and our employees. A singular technology platform powered by data and machine learning provides secure, differentiated, and personalized experiences that drive loyalty and traveler satisfaction. As a leader on our security team, you will be at the forefront of safeguarding Expedia Group's global digital landscape. This role is pivotal in shaping and implementing a mature, proactive cyber risk management program. You will collaborate with teams across technology, product, and business units to embed security into our DNA, protect our travelers and partners, and enable the company to achieve its strategic goals securely. Responsibilities Develop and implement a multi-year, proactive cyber risk management program, establishing clear governance, risk appetite, and ownership. Oversee the end-to-end risk lifecycle, from identification and assessment using NIST-aligned methodologies to response, monitoring, and authorization. Advise executive leadership and the board on our cyber risk posture, presenting clear insights and metrics to support strategic decision‑making. Drive operational excellence by formalizing exception handling, automating workflows, and integrating risk management into agile and DevOps processes. Lead the achievement and maintenance of alignment with NIST CSF maturity goals and other key compliance frameworks. Build, lead, and mentor a high‑performing risk management team, fostering a culture of collaboration, accountability, and continuous improvement. Champion change management strategies to support workforce transformation, including upskilling and AI fluency initiatives. Collaborate with engineering, product, security, privacy, and compliance teams to deliver integrated risk and governance strategies. Model and reinforce Expedia Group’s values, promoting an environment where people feel valued, motivated, and inspired to excel. Minimum Qualifications Bachelor’s degree in a related technical field; or equivalent related professional experience. 10+ years of experience in cyber risk management. 5+ years of experience in managing teams. Proven ability to assess and manage risks in cloud-native architectures (AWS, Azure, GCP), agile development, and data-driven platforms. Deep understanding of risk management methodologies (NIST CSF, ISO 31000, COSO ERM) and regulatory frameworks (SOX, PCI, SOC 2, GDPR, CCPA). Preferred Qualifications Experience within high-growth technology or SaaS environments. Industry certifications such as CRISC, CISA, CISSP, or ISO 31000. Demonstrated success in cross‑functional leadership, proficient executive communication, and building scalable risk programs. Experience with automation, risk register normalization, and continuous monitoring of key controls. Experience collaborating across GRCP functions and with privacy, legal, and IT to deliver integrated risk and governance strategies. Experience in advocating for inclusive talent practices that attract and retain diverse, high‑potential individuals prepared to lead in a dynamic environment. Pay Range Base salary: $201,000 – $281,500. Potential total compensation up to $321,500, based on performance. The salary range applies to locations in Austin and Seattle. Benefits Medical, dental, vision, paid time off, Employee Assistance Program, wellness & travel reimbursement, travel discounts, International Airlines Travel Agent membership, and more. For a full list of benefits, visit our careers page. Accommodation Requests If you need assistance with any part of the application or recruiting process due to a disability or other physical or mental health conditions, please reach out to our Recruiting Accommodations Team through the Accommodation Request link. Expedia is proud to be named Best Place to Work on Glassdoor in 2024 and to be recognized for award-winning culture by organizations such as Forbes, TIME, Disability:IN, and others. Expedia Group® is committed to creating an inclusive work environment with a diverse workforce. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, or veteran status. The employer will provide the Social Security Administration and, if necessary, the Department of Homeland Security with information from each new employee's I‑9 to confirm work authorization. #J-18808-Ljbffr Traveltechessentialist

Job Tags

Similar Jobs