[Hiring] Compliance Manager @Expedia Group

Remote, USA • Full-time • Posted 2026-05-04

This description is a summary of our understanding of the job description. Click on 'Apply' button to find out more.

Role Description

Plan, direct, or coordinate activities of an organization to ensure compliance with ethical or regulatory standards.
Support and advise business partners with SOX audit findings, internal operational/compliance audits, and internal/external risk assessments.
Support SOX control deficiency assessments and remediation efforts by working directly with control owners to perform impact analysis and control design/operation remediation.
Collaborate with internal IT and business stakeholders to identify financial and regulatory risks and develop mitigating control procedures for future state processes and system implementations.
Support control environment improvements efforts by identifying opportunities for control efficiencies, process automation, and control consolidation.
Track and effectively communicate project and responsibility status with controllership and stakeholder teams.
Prepare executive presentation materials.
Lead and perform business and technology process risk assessments for top priority areas.
Drive compliance excellence for Expedia Group including compliance with company’s policies, external regulations, and established risk management processes.
May telecommute.

Bachelor's degree in Accounting, Business Administration, Finance, or related field.
5 years of progressive, post-baccalaureate experience in job offered or in a compliance-related occupation.

IT General Controls such as Logical Access, Change Management, IT Operations, or Program Development/SDLC.
Data governance including frameworks, policies, third-party data risks, and data security and protection.
Data privacy compliance including GDPR, CCPA, HIPAA, and other regulations.
Developing full project plans, defining timeframe, and prioritizing tasks to achieve project milestones and deliver intended objectives across multiple projects.
Enterprise Risk Management frameworks such as ISO 31000 or COSO.
Control frameworks such as COBIT or NIST.
Understanding of U.S. PCAOB standards and control deficiency evaluation frameworks.
Understanding of laws and regulations such as SOX, GDPR, HIPAA, FCPA, PCI-DSS.
Understanding of electronic workpapers or GRC and Audit Management systems.
Understanding of IAA framework and IT control framework.
Risk management principles.
Remediation plan development and risk mitigation strategies.
Proficiency in tools like Confluence, SharePoint, or One Drive for document management and collaboration.