Senior Security Operations Engineer

Viator
, a Tripadvisor company, is the leading marketplace for travel experiences. We believe that making memories is what travel is all about. And with 300,000+ travel experiences to explore—everything from simple tours to extreme adventures (and all the niche, interesting stuff in between)—making memories that will last a lifetime has never been easier. With industry-leading flexibility and last-minute availability, it's never too late to make any day extraordinary. Viator. One app, 300,000+ travel experiences you'll remember.

As part of Viator, you'll be joining a dedicated team focused on building and securing our unique platform. While our parent company, Tripadvisor, manages group-level enterprise security, our team has a laser focus on one thing: protecting the Viator product, its infrastructure, and our customers' data.

We are looking for a hands-on
Security Operations Engineer
to be the first line of defense for the Viator platform. This is a critical role that blends proactive security engineering with reactive incident response. You will live and breathe in our product's cloud environment, monitoring for threats, responding to security incidents, automating defenses, and working closely with our engineering teams to build a more resilient platform.

Viator is a remote-first company. This role is based remotely in Portugal / Poland.

What You'll Do
Product-Focused Incident Response:

• Monitor, analyze, and investigate security alerts originating from our AWS infrastructure, application logs, and security tooling (WAF, SIEM, Cloud-Native tools).
• Lead the response to security incidents that directly impact the Viator application, such as potential data breaches, application-layer attacks, or infrastructure compromises.
• Manage and triage vulnerabilities reported through our bug bounty program and other external sources.

Security Engineering & Automation

• Build and maintain security monitoring and alerting capabilities within our production environment.
• Automate security operations tasks using scripting languages like Python or Go to improve our detection and response times.
• Configure, tune, and manage security tools like our Web Application Firewall (WAF), AWS GuardDuty, and Security Hub.

Vulnerability Management & Collaboration

• Operationalize findings from application security tools (SAST, DAST, SCA) by working with engineering teams to prioritize and remediate vulnerabilities in our codebase and dependencies.
• Conduct threat modeling for new features to identify and mitigate risks before they reach production.
• Act as a security subject matter expert for our product and engineering teams, providing guidance on secure coding practices and architecture.

What You'll Bring
Required Experience (Must-Haves):

• AWS Security: Deep, hands-on experience securing a production environment in AWS. You must be comfortable with its core security services (e.g., GuardDuty, Security Hub, WAF, CloudTrail).
• Incident Response: Proven experience managing the full lifecycle of security incidents, from initial detection and analysis to containment, remediation, and post-mortem.
• Infrastructure as Code: Strong proficiency with Terraform for managing and securing cloud infrastructure. You should be able to read, write, and review Terraform code for security best practices.
• Scripting for Automation: Proficiency in at least one scripting language (e.g., Python, Go, Bash) to automate security operations and analysis tasks.
• Application Security Fundamentals: A solid understanding of common web application vulnerabilities (OWASP Top 10) and how to defend against them.

Perks of Working at Viator

• Competitive compensation packages, including base salary, annual bonus, and equity.
• "Work your way" with flexibility to suit your lifestyle. We take a remote-friendly approach to collaboration, with the option to join on-site as often as you'd like in select locations.
• Flexible schedule. Work-life balance is ingrained in our culture by design. Trust and accountability make it work.
• Donation matching. Give back? Give more We match qualifying charitable donations annually.
• Tuition assistance. Want to level up your career? We love to hear it Receive annual support for qualified programs.
• Lifestyle benefit. An annual benefit to spend on yourself. Use it on travel, wellness, or whatever suits you.
• Travel perks. We believe that travel is employee development, so we provide discounts and more.
• Employee assistance program. We're here for you with resources and programs to help you through life's challenges.
• Health benefits. We offer great coverage and competitive premiums

Our Values
We aspire to lead; We're relentlessly curious;... want to know more? Read up on our values:

• We aspire to lead. Tap into your talent, ambition, and knowledge to bring us – and you – to new heights.
• We're relentlessly curious. We push beyond the usual, the known, the "that's just how it's done."
• We're better together. We learn from, accept, respect, support, and value one another– and are creating something remarkable in the process.
• We serve our customers, always. We listen, question, respond, and strive for wow moments.
• We strive for better, not perfect. We won't get it right the first time – or every time. We'll provide a safe environment in which to make mistakes, iterate, improve, and grow.
• Our workplace is for everyone, as is our people powered platform. At Tripadvisor, we want you to bring your unique identities, abilities, and experiences, so we can collectively revolutionize travel and together find the good out there.