Job Description
This will be a remote role to start, with plans to transition to hybrid in-office 2x/week located in downtown Toronto.
With millions of diners, 60,000+ restaurant partners and 25+ years of experience, OpenTable, part of Booking Holdings, Inc. (NASDAQ: BKNG), is an industry leader with a passion for helping restaurants thrive. Our world-class technology empowers restaurants to focus on what matters most – their team, their guests, and their bottom line – while enabling diners to discover and book the perfect restaurant for every occasion.
Every employee at OpenTable has a tangible impact on what we do and how we do it. You’ll also be part of a global team and its portfolio of metasearch brands. Hospitality is all about taking care of others, and it defines our culture.
Responsibilities:
- Conduct threat modeling and security design reviews for new and changing application features, APIs, and integrations; provide actionable guidance to engineering and product teams.
- Partner with Product and Engineering to translate business requirements into security requirements, performing risk assessments and defining compensating controls when needed.
- Translate risk findings and incident learnings into prioritized remediation plans and mitigations, including short-term risk reduction and long-term design improvements.
- Build and maintain automation to scale the design review process and streamline vulnerability triage.
- Serve as a subject matter expert during security incidents. Assist in triage, analysis, and technical containment.
- Drive post-incident and post-release learning. Turn incident learnings into new design patterns, detection alerts, or developer training to prevent recurrence.
- Monitor the threat landscape to ensure our design reviews and IR playbooks stay ahead of modern attack vectors
- Evaluate and implement vendor security solutions that improve detection, response, and secure design, ensuring effective integration into security processes.
Our Ideal Candidate Will Have:
- 5-7 years of combined Information Security Experience
- B.S. or M.S. Computer Science or a related field, or equivalent experience
- A fast learning curve and a track record of partnering effectively with cross-functional teams to achieve security goals
- A “consultant” mindset with the ability to offer alternatives, partnering with engineers to find creative solutions that satisfy both security requirements and product deadlines
- Experience in assessing new application features and establishing secure guidelines for Product teams
- Comfort in the “heat of battle” with the technical depth to triage application-layer attacks and assist in steering a team toward containment
- Skill in explaining complex security concepts to audiences ranging from Product Managers to Senior Engineers
- Proficiency in at least one backend language (e.g. Java, Python, etc) and can navigate unfamiliar codebases to identify logic flaws and vulnerabilities,
- Solid understanding of network and web protocols.
- Experience with the security of intra-company and third-party APIs.
- Operate with a high level of independence
- Candidate Bonus Points for the Following:
- Technical certifications within information security (CISSP, CCSP, OSCP, OSWE or equivalents)
- Experience with access and identity management
- Experience with SIEM and log management
Benefits:
- Generous paid vacation + time off for your birthday
- Work from (almost) anywhere for up to 20 days per year
- Focus on mental health and well-being:
- Company-paid therapy sessions through SpringHealth
- Company-paid subscription to Headspace
- Annual company-wide week off - the whole team fully recharges (and returns without a pile-up of work!)
- Paid parental leave
- Paid volunteer time
- Focus on your career growth:
- Development Dollars
- Leadership development
- Access to thousands of on-demand e-learnings
- Travel Discounts
- Employee Resource Groups
- Private health and dental insurance
- Life and Disability insurance
There are a variety of factors that go into determining a salary range, including but not limited to external market benchmark data, geographic location, and years of experience sought/required. The range for this Toronto, Canada based role is $130,000-$160,000 CAD.
We offer a competitive base salary and benefits including: health benefits; flexible spending account; retirement benefits; life insurance; paid time off (including PTO, paid sick leave, medical leave, bereavement leave, floating holidays and paid holidays); and parental leave benefits. This role is eligible to be considered for an annual bonus and equity grant.
Work Environment & Flexibility
At OpenTable, we pride ourselves on fostering a global and dynamic work environment. As a team member with us, you will benefit from a schedule tailored to accommodate a global workforce operating across multiple time zones. While the majority of your responsibilities may align with conventional business hours, there will be instances where you are expected to manage communications - via calls, Slack messages, or emails - outside of regular working hours to effectively collaborate with international colleagues, respond to restaurant partners, and/or address urgent matters. OpenTable will always abide by and consider local laws and regulations.
Inclusion
We’re committed to creating a workplace where everyone feels they belong and can thrive. We know the best ideas come when we bring different voices to the table, so we’re building a team as dynamic as the diners and restaurants we serve—and fostering a culture where everyone feels welcome to be themselves.
If you need accommodations during the application or interview process, or on the job, we’re here to support you. Please reach out to your recruiter to request any accommodations.
#LI-LR1
