Booking Holdings Romania - Cyber Defense Service Monitoring Specialist, Enterprise Security

Booking Holdings (NASDAQ: BKNG)Romania2 days ago

Full-timeRemote FriendlyOther

Track This Job

Add this job to your tracking list to:

Monitor application status and updates
Change status (Applied, Interview, Offer, etc.)
Add personal notes and comments
Set reminders for follow-ups
Track your entire application journey

Save This Job

Add this job to your saved collection to:

Access easily from your saved jobs dashboard
Review job details later without searching again
Compare with other saved opportunities
Keep a collection of interesting positions
Receive notifications about saved jobs before they expire

AI-Powered Job Summary

Get a concise overview of key job requirements, responsibilities, and qualifications in seconds.

Pro Tip: Use this feature to quickly decide if a job matches your skills before reading the full description.

Booking Holdings Romania is a Center of Excellence based in Bucharest, Romania and was created to support the increasing business demands of the Booking Holdings Brands. The Center of Excellence provides access to specialized and highly skilled talent, leading industry best practices, and collaboration opportunities across all of our Brands.

As part of our Booking Holdings Romania team, you will have the opportunity to be a part of the world’s leading provider of online travel, with a mission of making it easier for everyone to experience the world through five-primary consumer facing brands: Booking.com, Priceline, Agoda, KAYAK and OpenTable.

Role Description

The Cyber Defense Service Monitoring Specialist is an internal technical role within Booking.com - Enterprise Security - Cyber Defense & Response.

This position is responsible for oversight and technical validation of security services delivered by BKNG Shared Cybersecurity Services, ensuring they meet Booking.com’s operational, technical, and quality standards.

The specialist acts as a technical liaison, metrics analyst, and process improvement lead, monitoring BKNG Shared Cybersecurity Services activities, reviewing SOPs, driving tuning and automation, and collaborating with internal engineering and incident response teams to continuously enhance Booking.com’s security operations.

This role provides a hybrid way of working with an onsite presence of 2 days/week.

Key Job Responsibilities And Duties

Monitoring & Technical Review:

Monitor and validate alerts, escalations, investigations and operational activities from BKNG Shared Cybersecurity Provider to ensure accuracy, completeness, and adherence to Booking.com standards.
Monitor alert categorization, incident handling, and workflows to ensure alignment with Booking.com policies and technical requirements.
Review and improve both BKNG Shared Cybersecurity Services and internal SOPs, identifying gaps and recommending enhancements for operational effectiveness.

Metrics, Analysis & Trend Identification:

Track and analyze key operational metrics (SLA adherence, MTTA, MTTR, alert volumes, FP/TP rates, ingestion/detectors anomalies, alert trends, etc) across all BKNG Shared Cybersecurity Services.
Identify trends, inefficiencies, or gaps, and propose actionable improvements to enhance detection, response, SOPs and overall SOC efficiency.

Tuning, Automation & Continuous Improvement:

Review BKNG Shared Cybersecurity Services proposals for detection rules, tuning, workflows, and automation; assess technical feasibility and impact for Booking.com.
Drive analysis and implementation process of approved proposals to optimize Booking.com’s Security Operations.
Proactively identify and implement workflow, SOP, processes and automation improvements for both BKNG Shared Cybersecurity Services and internal Booking.com processes to increase efficiency and service quality.

Collaboration, Technical Leadership & Knowledge Sharing:

Serve as the technical liaison for Booking.com, representing the Enterprise Security organization in meetings and discussions with BKNG Shared Cybersecurity Services.
Collaborate with internal engineering, incident response, and other security teams to implement tuning, automation, tooling, SOP and workflow enhancements.
Act as a Subject Matter Expert, providing guidance and knowledge transfer to both internal teams and BKNG Shared Cybersecurity Services on Booking.com’s environment, tools, processes, and requirements.
Ensure alignment between internal teams and BKNG Shared Cybersecurity Services on technical, operational, and strategic objectives.

Project Ownership & Delivery:

Collaborate on various departmental projects that strengthen Booking.com’s cybersecurity posture and support organizational objectives.
Ensure project outcomes are measurable, aligned with risk reduction goals, and effectively integrated into ongoing operations.

Role Qualifications And Requirements

Required:

3-5+ years in Cyber Defense, SOC Operations, Threat Detection, or Incident Response.
Strong technical knowledge of SOC workflows, alert triage, detection engineering, incident investigation, and multiple cybersecurity services.
Hands-on experience with SIEM/SOAR platforms, EDR solutions, Cloud Enviroments, alert tuning, workflow optimization, and SOP analysis.
Ability to analyze metrics, trends, and operational data to drive technical improvements.
Excellent communication skills for technical discussions with internal teams and BKNG Shared Cybersecurity Services.

Preferred:

Previous experience in shared-services or managed SOC environments.
Knowledge of automation and orchestration tools (SOAR).
Strong understanding of corporate, production, and cloud environments.
Relevant certifications, but not mandatory: GCIA, GCIH, GCFR, GCDA, or equivalent.

Benefits & Perks

Contributing to a high scale, complex, world renowned product and seeing real-time impact of your work on millions of travelers worldwide
Working in a fast-paced and performance driven culture
Technical, behavioral and interpersonal competence advancement via on-the-job opportunities, experimental projects, hackathons, conferences and active community participation
Competitive compensation and benefits package
Vast amounts of data to validate your ideas and the opportunity to experiment with real users

Booking Holdings is proud to be an equal opportunity workplace and is an affirmative action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, or veteran status. We strive to move well beyond traditional equal opportunity and work to create an environment that allows everyone to thrive.

Pre-Employment Screening

If your application is successful, your personal data may be used for a pre-employment screening check by a third party as permitted by applicable law. Depending on the vacancy and applicable law, a pre-employment screening may include employment history, education and other information (such as media information) that may be necessary for determining your qualifications and suitability for the position.

Key Skills

Ranked by relevance

Ready to apply?

Join Booking Holdings (NASDAQ: BKNG) and take your career to the next level!

Application takes less than 5 minutes

Apply