Romania - Intelligence & Security Response Analyst II (2 years contract)

Booking Holdings Romania is a Center of Excellence based in Bucharest, Romania and was created to support the increasing business demands of the Booking Holdings Brands. The Center of Excellence provides access to specialized and highly skilled talent, leading industry best practices, and collaboration opportunities across all of our Brands.As part of our Booking Holdings Romania team, you will have the opportunity to be a part of the world's leading provider of online travel, with a mission of making it easier for everyone to experience the world through five-primary consumer facing brands: , Priceline, Agoda, KAYAK and OpenTable.The Intelligence and Security Response Analyst II is considered a crucial role in the front line defense of Booking Holdings in protection of their, and the brands', people, customers, partners and assets. The Intelligence team falls within the wider Booking Holdings Group Security and Resilience team, a dynamic, lean team requiring hands-on support in day to day safety, security and resilience operations. The analyst will perform global (active) monitoring, conduct research, assessments of geopolitical events, including identifying developing trends, and triaging incoming safety and security cases, both internal and external, often requiring the utilization of OSINT tools and techniques, in addition to working with stakeholders to best understand how these services can be continuously developed in order to provide the best internal service. As offices reopen you will ensure that the Intelligence team provides an effective first line of defense and escalation for any issues that may affect the safety or security, or the perception of such, by any colleague, regardless of level. The successful candidate will follow and develop pre-defined actions and utilize OSINT skills to investigate possible security incidents and/or perform initial incident response actions for a wide range of stakeholders, from travel security, to health and safety, PR, office management, crisis management and everything in between. Logging and creating visibility on day-to-day threats and initiated response is a critical aspect of this role, particularly as GSOC operations become increasingly formalized. The successful candidate will deliver analytical assessments in clear, succinct, and appropriately caveated products that project credibility, convey recommendations, and reinforce key messages.  The analyst may also be required to present intelligence findings or developments through presentations to relevant parties. Along with advancing our shared services offering in line with and Booking Holdings needs to reduce cross brand friction to allow higher quality and efficiency. Accountable to deliver according to set Service Level Agreements and other measures and instruments.This role provides a hybrid way of working with an onsite presence of 2 days/week.Key Job Responsibilities and DutiesActive Monitoring & Intelligence Analysis:Oversee and manage the conducting of continuous global monitoring of events that could potentially impact our organization, its personnel, operations, assets, reputation, and stakeholders, escalating as appropriate based on established thresholds. Ensure the effective and efficient leveraging of vendor resources and personal networks, to conduct thorough research, assessment, and analysis, escalating training/tooling gaps to GSOC and Capability Area Management as part of proposed solutions. Oversee and where required proactively execute the collection, assessment, and analysis of a variety of data into actionable reports, ensuring adherence to departmental templates and SLAs. Ensure the production of, and adherence to, runbooks detailing OSINT techniques and procedures for a variety of deliverables including site-specific risk assessments, event security risk assessments. Work collaboratively with Regional Lead Analysts and Regional Security Managers in ensuring local intelligence requirements are met, monitored and documented where applicable. Ensure ongoing team familiarity and comfort with OSINT and wider intelligence analysis techniques as relevant for the role, proposing training with subject matter experts where required. Security ResponseDeliver the immediate and effective response to a wide spectrum of office security events globally. This includes, but isn't limited to, coordinating actions during fire alarms, managing workplace medical emergencies, responding to civil unrest, and addressing other critical incidents that demand urgent support.Facilitate thorough post-incident debriefings with relevant stakeholders, including internal departments and external partners, to meticulously review incident handling. Based on these debriefings, you'll propose and implement necessary edits to existing SOPs and lead the development of new protocols to enhance future responses and strengthen our overall security posture.Support in ensuring all SOPs are reviewed on an annual basis and updated, obtaining inputs from relevant stakeholders, notably regional Security Managers and Corporate Security. Stakeholder ManagementRepresent the team in cross-functional forums, using subject matter expertise to translate technical items or tool requirements into clear, actionable messaging/action for a variety of stakeholdersProvide verbal and written briefings on geopolitical and employee physical security issues to GSR during major incident/ crisis scenarios, ensuring communication is concise, relevant, and impact-orientedAct as the SME and back up to GSOC TL's in major incident/crisis responseChampion cross-functional collaboration with teams such as Trust & Safety, BTI, Investigations, Public Relations, and Legal to drive alignment on shared goals and ensure the business benefits from these diverse areas of individual expertise as part of its operationsRole Qualifications and RequirementsUtilizing a variety of OSINT tools and methods across a wide spectrum of activities and tailoring collection requirements to stakeholder needs.Producing short (several sentences) and longer form (>two pages) intelligence memos for both near term and longer term threats, based on analyzing a variety of data from digital and human sources, with actionable insights for the business, with limited oversight prior to dissemination to senior business audiences.The application- and design of - Booking's security Standard Operating Procedures & processes, and best practice security advice, covering the vast majority of the types of incidents likely to be faced by Booking staff, and assessing of security incidents for criticality and severity. Able to comprehensively assess best practices and AAR lessons learned and apply these for meaningful change.Using clear, concise, communication and adapting message and delivery method by audience, in addition to written and verbal communication best practice principles as they apply in the Booking context. Related independence in use of active listening, empathy, taking on feedback and use of compromise to build effective solutions in a team and business context, whilst building trusted, sustainable relationships across a wider variety of stakeholder groups up to regional leadership level.Factoring local cultural, business and security nuances when assessing security risks and building solutions and the resulting need for consultation, communication, flexibility and compromise. Related independence in building business-beneficial trusted relationships across functions and cultures with demonstrable results.Assessing processes for efficiency and efficacy, building of business impactful improvement proposals inclusive of wider cost-benefit analyses associated with change management.Using key departmental and company priorities to inform day-to-day prioritization and a clear understanding on the importance of precise, deadline-based, project management protocols and concepts, with regular successful experience in using these in business projects.Using the Google Suite tooling for day-to-day work, including offering of suggestions for alterations/enhancement to processes, in addition to extensive familiarity from a user perspective with Booking security intelligence and operations vendors, combined with independence in identifying potentially useful vendors, building sustainable relationships with them, and building of business cases. Independence resulting from weekly use of tools such as Miro, Data Studio and Jira.Benefits & PerksContributing to a high scale, complex, world renowned product and seeing real-time impact of your work on millions of travelers worldwideWorking in a fast-paced and performance driven cultureTechnical, behavioral and interpersonal competence advancement via on-the-job opportunities, experimental projects, hackathons, conferences and active community participationCompetitive compensation and benefits package Vast amounts of data to validate your ideas and the opportunity to experiment with real usersBooking Holdings is proud to be an equal opportunity workplace and is an affirmative action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, or veteran status. We strive to move well beyond traditional equal opportunity and work to create an environment that allows everyone to thrive.Pre-Employment ScreeningIf your application is successful, your personal data may be used for a pre-employment screening check by a third party as permitted by applicable law. Depending on the vacancy and applicable law, a pre-employment screening may include employment history, education and other information (such as media information) that may be necessary for determining your qualifications and suitability for the position.