TripAdvisor is seeking an experienced security focused technical manager to join our Technology and Infrastructure group. In this role your charter will be to build and lead a team tasked with ensuring that TripAdvisor’s website is secure from external abuse and appropriately protects our users’ data. You will identify and lead efforts to develop and maintain the processes and monitoring necessary to identify security vulnerabilities within the TripAdvisor site. Additionally, you will provide security guidance to our engineering and product teams in support of their products.
- Build and lead the Application Security Engineering team for TripAdvisor.
- Identify software security vulnerabilities within TripAdvisor and articulate their importance and relevance to our business.
- Propose and build new tools/infrastructure to make application security easy for TripAdvisor engineers.
- Define software development policy and govern implementation to assure adherence to standards.
- Work with TripAdvisor IT, Operations Staff, Product Managers, and Software Engineers to prevent and resolve issues.
- Active interest in promoting security awareness and mentor members of the development teams on company security standards, including secure coding guidelines.
- Analyze industry trends and incorporate into roadmaps for security strategy.
- Ensure security strategy is aligned with business strategy and overall company direction.
- B.S. or M.S. Computer Science, or equivalent experience.
- 7+ years of relevant work experience applying security practices to software development, with at least 2 years managing a team.
- You can manage a team towards long-term goals while delivering new capability daily.
- You have the ability to work with everyone from engineers to product owners to C-level executives to help communicate, prioritize, influence and inform key product decisions.
- You have successfully hired and built teams including interviewing, on-boarding, and mentoring.
- In-depth knowledge of common Internet vulnerabilities and techniques to identify and fix them.
- Java or C++ development experience in a UNIX or Linux environment.
- Strong analytical, problem-solving, and communication skills.
- Contributions to the security community are a plus.