Booking Holdings Romania is a Center of Excellence based in Bucharest, Romania and was created to support the increasing business demands of the Booking Holdings Brands. The Center of Excellence provides access to specialized and highly skilled talent, leading industry best practices, and collaboration opportunities across all of our Brands.
As part of our Booking Holdings Romania team, you will have the opportunity to be a part of the world’s leading provider of online travel, with a mission of making it easier for everyone to experience the world through five-primary consumer facing brands: Booking.com, Priceline, Agoda, KAYAK and OpenTable.
Role description
The Operations Manager - Account Security is a key leadership role responsible for managing the day-to-day functions of the Account Security Operations (AccOps) team. You will be focused on supporting the team to work on operations, innovation, adapt to change, and strategic planning and projects to improve account security capabilities. You will work closely with the other security, fraud teams and business partners across the organization to deliver the best account security and minimize customer and partner impact.
This leadership role is also critical in maintaining trust and ensuring Booking.com's legal and regulatory compliance (GDPR, etc.) through the effective reporting of potential data breaches.
This role provides a hybrid way of working with an onsite presence of 2 days/week.
Key Job Responsibilities and Duties
Team Leadership: Lead, manage, and mentor a team of Account Security Analysts responsible for 24/7 monitoring, detection, investigation, and response to account security events and incidents
Operational Execution: Execute the operational roadmap for the Account Security Operations team, ensuring alignment with Booking.com's broader Product Security Ops & Response strategy
Incident Management: Manage the team's response to Account security incidents, ensuring timely and effective containment, eradication, and recovery. Act as an escalation point for investigations
Process Improvement: Drive continuous improvement of the team’s detection, response, and account security capabilities—including refining security runbooks and identifying new threat patterns
Performance Metrics: Establish and monitor operational KPIs and SLOs to ensure team effectiveness and adherence to internal standards
Collaboration: Partner closely with Account Security Engineering, Privacy, Legal, Compliance, and platform teams to provide operational insights, support new control implementation, and ensure effective feedback loops
Talent Development: Attract, develop, and retain talent in account security operations. Foster a culture of continuous learning and high performance
Stakeholder Communication: Clearly communicate with stakeholders on team performance, incident status, and operational needs. Translate strategic objectives into actionable team goals
Regulatory Adherence: Ensure adherence to regulatory requirements (GDPR, etc.) and internal policies relevant to account security regulatory obligations and incident management
Role Qualifications and Requirements
Bachelor’s Degree
5 to 8 years of relevant experience
People and operational leadership experience, particularly with global teams
Advanced experience with account security principles, security tools for data protection, and threat monitoring
Strong understanding of regulatory environments for data protection (GDPR)
Experience in developing security runbooks, process optimization, and performance monitoring with KPIs and SLOs
Strong stakeholder management and executive communication skills
Demonstrated ability to coach, develop, and motivate high-performing technical teams
Excellent crisis management skills; calm under pressure
Mastery of cyber security standards and best practices within Account Security domain (ideally CISM certification)
Autonomy: Independently manages and drives complex security initiatives with minimal oversight. Proactively identifies security gaps and proposes solutions without explicit direction. Demonstrates strong ownership and accountability for their work and its impact
Communication: Communicates complex technical security concepts clearly and concisely to diverse audiences, including technical and nontechnical stakeholders. Effectively presents security risks, findings, and recommendations in a persuasive and understandable manner. Facilitates clear and effective communication within and across teams on security-related topics
Decision making/ problem solving: Independently analyzes complex security issues and incidents to identify root causes and develop effective solutions. Makes well informed decisions based on data, risk assessment, and understanding of business context. Takes ownership of problems and drives them to resolution, even when facing ambiguity or challenges
Dynamic Learning Mindset: Demonstrates a strong commitment to continuous learning and stays updated with the latest security trends, technologies, and attack techniques. Proactively seeks out opportunities to expand their security knowledge and skills. Shares their learning and insights with the team to enhance overall security awareness and capabilities
Coaching/ mentoring: Provides guidance and mentorship to less experienced security analysts and other technical team members on security principles and practices. Shares technical expertise and helps others develop their security skills. Provides constructive feedback and supports the professional growth of colleagues
Benefits & Perks
Contributing to a high scale, complex, world renowned product and seeing real-time impact of your work on millions of travelers worldwide
Working in a fast-paced and performance driven culture
Technical, behavioral and interpersonal competence advancement via on-the-job opportunities, experimental projects, hackathons, conferences and active community participation
Competitive compensation and benefits package
Vast amounts of data to validate your ideas and the opportunity to experiment with real users
Booking Holdings is proud to be an equal opportunity workplace and is an affirmative action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, or veteran status. We strive to move well beyond traditional equal opportunity and work to create an environment that allows everyone to thrive.
Pre-Employment Screening
If your application is successful, your personal data may be used for a pre-employment screening check by a third party as permitted by applicable law. Depending on the vacancy and applicable law, a pre-employment screening may include employment history, education and other information (such as media information) that may be necessary for determining your qualifications and suitability for the position.
