United Airlines Chicago , IL 60602
Posted 1 week ago
Description
There's never been a more exciting time to join United Airlines. We're on a path towards becoming the best airline in the history of aviation. Our shared purpose
We believe that inclusion propels innovation and is the foundation of all that we do. United's Digital Technology team spans the globe and is made up of diverse individuals all working together with cutting-edge technology to build the best airline in the history of aviation. Our team designs, develops and maintains massively scaling technology solutions brought to life with innovative architectures, data analytics, and digital solutions.
Key Responsibilities:
The Director of Application Cybersecurity is responsible for overseeing and managing all aspects of cybersecurity related to applications within the organization. This role involves developing, implementing, and maintaining effective cybersecurity strategies, policies, and procedures to safeguard the organization's applications against cyber threats and attacks. The Director of Application Cybersecurity works closely with other departments within Cybersecurity and the broader enterprise to ensure compliance with industry regulations and standards, mitigate cybersecurity risks, and enhance verification and automation processes.
o Build and lead a team of cybersecurity professionals responsible for application security, providing guidance, mentorship, and professional development opportunities
o Develop and implement a comprehensive cybersecurity strategy specifically tailored to protect the organization's applications, integrating verification and automation principles
o Establish and enforce cybersecurity policies and procedures related to application security, including secure coding practices, verification & automation, vulnerability management, and incident response
o Conduct regular assessments and audits of applications to identify and address security vulnerabilities and ensure compliance with security standards
o Collaborate with the IT architecture team to review and enhance the security architecture of applications, including recommending security controls and technologies
o Develop and deliver training programs to educate employees about application security standard processes and raise awareness about potential cyber threats
o Support incident response team in investigating and responding to cybersecurity incidents related to applications, including conducting root cause analysis and implementing corrective actions
o Stay abreast of industry regulations and standards related to application security
o Identify and assess cybersecurity risks associated with applications and develop risk mitigation strategies to address them
This position is remote and would require approximately 10% travel.
United values diverse experiences, perspectives, and we encourage everyone who meets the minimum qualifications to apply. While having the "desired" qualifications make for a stronger candidate, we encourage applicants who may not feel they check ALL of those boxes! We are always looking for individuals who will bring something new to the table!
Qualifications
What's needed to succeed (Minimum Qualifications):
Bachelor's degree
STEM
12+ years of experience working in security-focused roles
Excellent leadership and communication skills, with the ability to collaborate effectively with cross-functional teams
Proficiency in security assessment tools and techniques, such as static and dynamic application security testing (SAST and DAST)
Strong understanding of web application security concepts, including OWASP Top 10 vulnerabilities, with knowledge of verification and automation tools and techniques
Extensive experience in cybersecurity roles, with a focus on application security and secure software development practices, including verification and automation
Experience in developing and implementing cybersecurity policies, procedures, and standards, with a focus on integrating verification and automation principles
Knowledge of regulatory requirements and compliance frameworks related to application security
Strong analytical and problem-solving skills
Continuous learning mentality to keep up with evolving cybersecurity threats, technologies, and advancements in verification and automation
Must be legally authorized to work in the United States for any employer without sponsorship
Successful completion of interview required to meet job qualification
Reliable, punctual attendance is an essential function of the position
What will help you propel from the pack (Preferred Qualifications):
Master's degree
15+ years of experience working in security focused roles
Certified Ethical Hacker (CEH)
GIAC Security Essentials (GSEC)
Certified Information Security Manager (CISM)
Comp TIA Security +
Certified Information Systems Security Professional (CISSP)
Certified Information Systems Auditor (CISA)
Systems Security Certified Practitioner (SSCP)
CompTIA Advanced Security Practitioner (CASP+)
Offensive Security Certified Professional (OSCP)
AWS Solution Architect Pro., Networking, and Security Specializations
Knowledge of application security aspects of industrial control networks is a plus
Strong experience and in-depth knowledge of Security Technical Implementation Guide standards and implementation
Salary:
Other Comp:
Benefits:
United Airlines is an equal opportunity employer. United Airlines recruits, employs, trains, compensates and promotes regardless of race, religion, color, national origin, gender identity, sexual orientation, physical ability, age, veteran status and other protected status as required by applicable law. We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform crucial job functions. Please contact JobAccommodations@united.com to request accommodation.
Equal Opportunity Employer
United Airlines