Finance and Economics IT Management & Business Others
3 - 5 Years
Sr. IT & Cyber Security Auditor
SENIOR CYBERSECURITY & PRIVACY AUDITOR
At Booking.com, our mission is to make it easier for everyone to experience the world. And while that world might feel a little farther away right now, we’re busy preparing for when the world is ready to travel once more. With strategic long-term investments into what we believe the future of travel can be, we are opening career opportunities that will have a strong impact on our mission.
The Senior Cybersecurity & Privacy Auditor role is part of the Global Internal Audit (GIA) team of Booking Holdings and has a strong focus on planning and executing cybersecurity, privacy and other Technology audits at Booking.com and other Booking Holdings companies. This role is based in the Amsterdam offices of Booking.com and involves regular travel to other Booking Holdings companies.
Participates in a broad range of assurance activities to assess the cybersecurity posture of our Brands and identify control weaknesses.
Leads and executes audits in relevant areas such as Privacy, Cloud and Business Continuity/Disaster Recovery.
Provides support in other audit projects as required, such as IT SOX audits, ad-hoc reviews, integrated audits, etc.
Proactively stays up to date with emerging risks, threats and best practices, and understands how these can affect the business and the wider online travel industry.
Prepares audit reports and other documents regarding audit scope, procedures, findings and recommendations.
Acts as a trusted advisor to the IT / Cybersecurity organization and management.
A bachelor’s degree in technology, computer science or a related field.
CISA, CISSP, CISM, CEH, CIPP/E or related certification.
Minimum of 5 years of progressive IT Audit experience in a Big 4 firm or security advisory firm, and/or Internal Audit with strong experience in delivering successful information security and privacy audits.
Excellent (audit) report writing and oral communication skills.
Ability to navigate through complex systems, ambiguity, and to manage multiple project assignments.
Strong program management and stakeholder engagement skills.
International mindset and experience to work effectively with team members and colleagues around the world.
Good understanding of the standards of the Institute of Internal Auditors (IIA) and ability to fully comply with IIA standards.
Excellent knowledge of auditing Cyber Security operations and knowledge of key areas such as threat intelligence, security monitoring, cybersecurity governance, identity & user access management, vulnerability management.
Excellent understanding of key principles and concepts on data privacy/data protection as well as GDPR requirements and how to audit them – experience in CCPA and other regulations is a plus.
Good understanding of IT Control and Security Frameworks, such as COBIT; ISO 27001 and NIST CSF / SP 800-53, SWIFT.
Audit knowledge of Cloud security and Container security.
Practical experience on DevOps tools like Puppet, Jenkins, Git, Docker, or Kubernetes.
Experience in Red team / Purple team operations.
Global Internal Audit – Who We Are
Our contribution to the bigger picture
We’re here to provide assurance through objective analysis, insights and advice on the key risks that you and the company face. Being at the forefront of an industry and constantly reinventing yourself requires taking a certain amount of risk. We’re here to make sure you can move at full speed, being reassured that safety nets are in place.
More than auditors
As our name suggests, we audit. We look at how the company manages risk and how we can optimize this process. However, we do a lot more. Touching every brand and function within Booking Holdings, we are able to connect people, share lessons learned and good practices. This way, we drive change to make our company stronger.
Partner for success
We are not only here to identify risks and to point out what could go wrong. We invest in our understanding of the business and in our relationship with you. We partner with you to help you and the company become more successful. To achieve our goals, we require full transparency. In return, we offer exactly the same. That means that when working with us, you will know what to expect during every step of the way. Also, we’re objective by design. So, no agendas to push other than achieving the company’s longer term goals in a sustainable manner.
What makes us tick?
GIA is a diverse group of enthusiastic people with an analytical mind and a curious nature. We bring a fresh pair of eyes and can see the bigger picture. We operate globally, across all brands and cultures. In doing so, we meet new people that broaden our knowledge every day. We take pride in moving Booking Holdings forward by partnering with the brands and the people that make up this great company.