Security Operations Analyst II Secu...

About the Role

Expedia Group is seeking a Security Operations Analyst II to join their Security Compliance Center in Gurugram. This role is crucial for supporting the execution of security compliance and IT audit activities. You will be responsible for coordinating evidence collection, tracking requests, and ensuring timely responses to both internal and external stakeholders. A key aspect of this position involves collaborating with partners across technology and business teams to ensure adherence to critical compliance frameworks such as PCI DSS, SOC 2, NIST CSF, and ISO 27001, while maintaining comprehensive and accurate control documentation.

To manage these responsibilities effectively, you will leverage workflow tools like Jira or similar ticketing systems to oversee evidence queues, service level agreements (SLAs), and task assignments, ensuring clear status updates and timely completion of deadlines. You will also be tasked with documenting security, compliance, and IT operational processes, controls, and procedures in a clear, structured, and audit-ready format, contributing to a robust and consistent control library.

The role requires reviewing submitted artifacts to identify inconsistencies, control gaps, or missing evidence. You will escalate issues as needed and collaborate with technical and non-technical teams to drive resolutions. A foundational understanding of security concepts, including authentication, encryption, logging/monitoring, and network fundamentals, is essential. Furthermore, familiarity with AI-driven systems, tools, or workflows will be valuable in supporting compliance reviews and facilitating the safe integration and operation of AI/ML enabled solutions.

Who You Are

Minimum Qualifications:

• Bachelor's degree in Computer Science, Information Security, Information Systems, or a related technical field, or equivalent practical experience in security operations or security compliance.
• 2-4 years of experience in security operations, security compliance, or a related security engineering function supporting production environments or services.
• Hands-on experience with security operations or compliance tooling such as SIEM, CSPM, compliance centers, ticketing systems, or evidence repositories for monitoring controls, investigating issues, and maintaining compliance records.
• Demonstrated ability to follow and improve operational runbooks and standard operating procedures for alert handling, evidence collection, and escalation across multiple services or domains.
• Familiarity with AI-driven systems, tools, or workflows and applying AI/ML concepts to real-world products, particularly in the context of security monitoring, compliance automation, or analytics.

Preferred Qualifications:

• Security certifications relevant to operations or compliance, such as Security+, ISO 27001 Implementer/Auditor, or similar, supporting work with regulated or audited environments.
• Experience operating security compliance or security operations functions at scale across multiple products, services, or cloud environments, including tuning alerts, optimizing dashboards, and driving improvements based on data.
• Proven ability to partner with engineering, product, and audit teams to design and implement durable remediation plans, improve control coverage, and enhance end-to-end compliance workflows.
• Strong proficiency with scripting, automation, or security tooling integrations to improve operational efficiency, support data-driven decision making, and safely integrate and operate AI/ML enabled solutions that improve detection, response, or compliance accuracy.
• Familiarity with AI-driven systems, tools, or workflows and applying AI/ML concepts to real-world products, including using AI-assisted analytics or knowledge tools to accelerate investigations and scale security compliance center operations.