Intro
- This will be a remote role to start, with plans to transition to hybrid in-office 2x/week located in downtown Toronto.
- With millions of diners, 60,000+ restaurant partners and 25+ years of experience, OpenTable, part of Booking Holdings, Inc. (NASDAQ: BKNG), is an industry leader with a passion for helping restaurants thrive. Our world-class technology empowers restaurants to focus on what matters most – their team, their guests, and their bottom line – while enabling diners to discover and book the perfect restaurant for every occasion.
- Every employee at OpenTable has a tangible impact on what we do and how we do it. You’ll also be part of a global team and its portfolio of metasearch brands. Hospitality is all about taking care of others, and it defines our culture.
Responsibilities
- Conduct threat modeling and security design reviews for new and changing application features, APIs, and integrations; provide actionable guidance to engineering and product teams.
- Partner with Product and Engineering to translate business requirements into security requirements, performing risk assessments and defining compensating controls when needed.
- Translate risk findings and incident learnings into prioritized remediation plans and mitigations, including short-term risk reduction and long-term design improvements.
- Build and maintain automation to scale the design review process and streamline vulnerability triage.
- Serve as a subject matter expert during security incidents. Assist in triage, analysis, and technical containment.
- Drive post-incident and post-release learning. Turn incident learnings into new design patterns, detection alerts, or developer training to prevent recurrence.
- Monitor the threat landscape to ensure our design reviews and IR playbooks stay ahead of modern attack vectors
- Evaluate and implement vendor security solutions that improve detection, response, and secure design, ensuring effective integration into security processes.
Our Ideal Candidate Will Have
- 5-7 years of combined Information Security Experience
- B.S. or M.S. Computer Science or a related field, or equivalent experience
- A fast learning curve and a track record of partnering effectively with cross-functional teams to achieve security goals
- A "consultant" mindset with the ability to offer alternatives, partnering with engineers to find creative solutions that satisfy both security requirements and product deadlines
- Experience in assessing new application features and establishing secure guidelines for Product teams
- Comfort in the "heat of battle" with the technical depth to triage application-layer attacks and assist in steering a team toward containment
- Skill in explaining complex security concepts to audiences ranging from Product Managers to Senior Engineers
- Proficiency in at least one backend language (e.g. Java, Python, etc) and can navigate unfamiliar codebases to identify logic flaws and vulnerabilities,
- Solid understanding of network and web protocols.
- Experience with the security of intra-company and third-party APIs.
- Operate with a high level of independence
- Candidate Bonus Points for the Following: Technical certifications within information security (CISSP, CCSP, OSCP, OSWE or equivalents) Experience with access and identity management Experience with SIEM and log management
- Technical certifications within information security (CISSP, CCSP, OSCP, OSWE or equivalents)
- Experience with access and identity management
- Experience with SIEM and log management
- Technical certifications within information security (CISSP, CCSP, OSCP, OSWE or equivalents)
- Experience with access and identity management
- Experience with SIEM and log management
Benefits
- Generous paid vacation + time off for your birthday
- Work from (almost) anywhere for up to 20 days per year
- Focus on mental health and well-being: Company-paid therapy sessions through SpringHealth Company-paid subscription to Headspace Annual company-wide week off - the whole team fully recharges (and returns without a pile-up of work!)
- Company-paid therapy sessions through SpringHealth
- Company-paid subscription to Headspace
- Annual company-wide week off - the whole team fully recharges (and returns without a pile-up of work!)
- Paid parental leave
- Paid volunteer time
- Focus on your career growth: Development Dollars Leadership development Access to thousands of on-demand e-learnings
- Development Dollars
- Leadership development
- Access to thousands of on-demand e-learnings
- Travel Discounts
- Employee Resource Groups
- Private health and dental insurance
- Life and Disability insurance
- Company-paid therapy sessions through SpringHealth
- Company-paid subscription to Headspace
- Annual company-wide week off - the whole team fully recharges (and returns without a pile-up of work!)
- Development Dollars
- Leadership development
- Access to thousands of on-demand e-learnings
- There are a variety of factors that go into determining a salary range, including but not limited to external market benchmark data, geographic location, and years of experience sought/required. The expected range of compensation for this position based in Toronto, Canada, including commission and/or bonuses is $130,000-$160,000 CAD.
- We offer a competitive base salary and benefits including: health benefits; flexible spending account; retirement benefits; life insurance; paid time off (including PTO, paid sick leave, medical leave, bereavement leave, floating holidays and paid holidays); and parental leave benefits. This role is eligible to be considered for an annual bonus and equity grant.
Work Environment & Flexibility
- At OpenTable, we pride ourselves on fostering a global and dynamic work environment. As a team member with us, you will benefit from a schedule tailored to accommodate a global workforce operating across multiple time zones. While the majority of your responsibilities may align with conventional business hours, there will be instances where you are expected to manage communications - via calls, Slack messages, or emails - outside of regular working hours to effectively collaborate with international colleagues, respond to restaurant partners, and/or address urgent matters. OpenTable will always abide by and consider local laws and regulations.
Inclusion
- We’re committed to creating a workplace where everyone feels they belong and can thrive. We know the best ideas come when we bring different voices to the table, so we're building a team as dynamic as the diners and restaurants we serve—and fostering a culture where everyone feels welcome to be themselves.
- If you need accommodations during the application or interview process, or on the job, we’re here to support you. Please reach out to your recruiter to request any accommodations.
