Senior Product Security Architect

Expedia·Workday
Austin Domain 11Full-timeup to $295kPosted Jul 6, 2026
Apply

At Expedia Group, we help travelers explore the world, one journey at a time. As a global travel company powered by passionate people, trusted partnerships, and leading technology, we connect travelers, partners, and advertisers through our consumer brands, B2B network, and travel advertising business.


Here, you'll do meaningful work that helps millions of people discover, book, and experience travel with more ease, confidence, and joy. Our five Behaviors-Traveler First, Think Big, Operate with Excellence, Ownership Mindset, and Succeed Together-help foster a supportive environment where people can grow their careers and have the flexibility, benefits, and support to do their best work. Join us and build for travelers everywhere.

Senior Product Security Architect

Our Technology Team partners with teams across Expedia Group to create innovative products, services, and tools to deliver high-quality experiences for travelers, partners, and our employees. A singular technology platform powered by data and machine learning provides secure, differentiated, and personalized experiences that drive loyalty and traveler satisfaction.

The Product Security Architecture team partners with product, engineering, and platform teams to ensure security and privacy are built into Expedia Group products by design, from ideation through operations. We enable our business partners to build resilient, future-ready solutions that advance Expedia Group's security posture and operational velocity.

We focus on secure-by-design product architecture, security assessments, threat modeling, and continuous verification of security requirements across our business products and platforms.

You will join a small, senior team of hands-on product security architects who work across domains and technologies, helping teams make pragmatic security decisions that enable innovation at scale.

In this role, you will:

  • Serve as a trusted product security architecture advisor to product, engineering, and platform teams, helping them design secure, highly available, and privacy-aware products and services.

  • Lead and facilitate threat modeling and security assessments for new and evolving products, services, and platforms, translating findings into clear, actionable recommendations.

  • Partner closely with product and engineering leaders to embed security requirements into product roadmaps, design reviews, and delivery processes without slowing down innovation.

  • Provide thought leadership around enabling and applying AI across the Product Security org.

  • Be a change agent influencing and scaling the adoption of AI-enabled security tooling and best practices across the product security organization.

  • Drive continuous verification of product security controls and requirements through AI-enabled automation and integration with existing product security tooling.

  • Communicate complex product security and architecture trade-offs in a clear, outcome-focused way to both technical and non-technical stakeholders, from senior ICs to senior leadership.

  • Mentor and coach product managers, engineers, and architects to raise the bar on product security literacy and design thinking across the organization.

  • Contribute to the broader Expedia Group security strategy by identifying emerging product security risks and technology trends and proposing pragmatic, long-term architecture approaches.

  • Contribute to creating a culture of continuous learning, data-driven decisions, and improvements.

  • Collaborate across IT and Information Security teams to ensure end to end coverage across the product lifecycle – from concept and design through build, launch and operations.


Minimum Qualifications

  • Bachelor’s degree in Computer Science or a related technical field; or equivalent related professional experience.

  • 10+ years of product security and development experience

  • Extensive experience performing application threat modeling

  • Extensive experience conducting architecture reviews to find and evaluate application and infrastructure security risks

  • Significant experience in the last several years applying Generative AI in software development and for end users, ideally in the context of a medium or large enterprise.

  • Deep understanding of modern product development practices and CI/CD and how AI can change and improve these practices to increase both quality and velocity.

  • Familiarity with ‘agentic’ architectures including SDKs, context engineering, MCPs, authorization.


Preferred Qualifications:

  • Expertise in public cloud platforms (AWS is preferred), containerization and orchestration (Kubernetes, Docker), and related technologies.

  • Excellent communication and collaboration skills, with the ability to work effectively with both technical and non-technical stakeholders.

  • Track record of setting and evolving security architecture standards, patterns, and guardrails for complex, multi-tenant or multi-domain platforms, and driving their adoption across diverse engineering teams.

  • Experience operating product security at scale in cloud-native environments (such as large microservices architectures), including secure service-to-service communication, token-based auth, and secret and certificate management.

  • Deep experience conducting and scaling threat modeling, security design reviews, and architecture risk assessments, and using insights to shape platform capabilities, reusable controls, and security automation.

  • Familiarity with AI-driven systems, tools, or workflows and applying AI/ML concepts to real world products, including leveraging AI/ML‑enabled code analysis, anomaly detection, or security automation; safely integrates and operates AI/ML‑enabled solutions that improve security posture, detection, and response.

  • Demonstrated experience taking products from concept to scaled adoption by partnering with product and engineering leadership to embed security requirements into product vision, architecture, and roadmaps, and to measure and report on security outcomes.

The total cash range for this position in Austin is $184,500.00 to $258,000.00. Employees in this role have the potential to increase their pay up to $295,000.00, which is the top of the range, based on ongoing, demonstrated, and sustained performance in the role.

Starting pay for this role will vary based on multiple factors, including location, available budget, and an individual’s knowledge, skills, and experience. Pay ranges may be modified in the future.

Benefits and perks

Expedia Group offers benefits and perks designed to support employees and their families, including medical, dental, and vision coverage, paid time off, an Employee Assistance Program, wellness and travel reimbursement, travel discounts, and International Airlines Travel Agent Network (IATAN) membership. Learn more about life at Expedia Group at https://careers.expediggroup.com/life.


Accommodation requests

Expedia Group is committed to providing an inclusive and accessible recruiting experience. If you need an accommodation or adjustment due to a disability during the application or recruiting process, please submit a request at https://expedia.service-now.com/askeg?id=job_accommodation.


About Expedia Group

Expedia Group includes three flagship consumer brands - Expedia, Hotels.com, and Vrbo - along with a leading B2B travel business and travel advertising offerings. Across our brands and business, we help travelers explore the world with confidence and ease.


Important notice

Employment opportunities and job offers at Expedia Group will always come from Expedia Group's Talent Acquisition and hiring teams. Never share sensitive personal information unless you are confident of the recipient. Expedia Group does not extend job offers via email or messaging tools to individuals with whom we have not made prior contact. Our email domain is @expediagroup.com. The official place to find and apply for roles is https://careers.expediagroup.com/jobs/.


Equal Opportunity

Expedia is committed to creating an inclusive work environment with a diverse workforce. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, veteran status, or any other characteristic protected by law. This employer participates in E-Verify. The employer will provide the Social Security Administration (SSA) and, if necessary, the Department of Homeland Security (DHS) with information from each new employee's I-9 to confirm work authorization.

Want jobs like this matched to you?

Swoopd scores fresh postings against your résumé so you only see the matches that matter.

Get started free