Website United Airlines
The United IT team designs, develops and maintains massively scaling technology solutions that are brought to life with innovative architectures, data analytics and digital solutions.
- Conduct proactive risk assessments of existing applications to identify new and novel vulnerabilities.
- Report metrics on application risk and vulnerability profile to leadership.
- Keep up to date on application security topics to ensure most current vulnerabilities are being incorporated into application scans, risk profiles, threat models to ensure United is protected at the highest level.
- Validate findings of dynamic scans.
- Review results of scans to verify the accuracy of the findings.
- Act as a resource for development teams in the remediation of vulnerabilities discovered by
- Vulnerability Management, Application Security, or outside vendors
- Conduct and manage dynamic and static code scans of United applications for security vulnerabilities.
- Develop training and remediation materials on application security topics for developers
- Work with team members (Security and Release Management) to ensure quality of scans and reports.
- Address questions from internal customers regarding scan processes, results, and remediation suggestions.
- Ability to create quantitative business cases for enhancing security standards, processes and tools.
- Successful completion of interview required to meet job qualification
- Reliable, punctual attendance is an essential function of the position
- Must be legally authorized to work in the United States for any employer without sponsorship
BS/BA, preferably in a technical or scientific field or 5 years of equivalent experience, education or training.
- Ability to lead by example and influence change
- Experience with at least one code security review tool: Qualys, Veracode, Checkmarx, WhiteHat Sentinel, Tenable, Burp, etc.
- Ability to offer reasonable remediation solutions to problems created by insecure code
- Excellent written and verbal communications skills
- Understanding and awareness of documentation required in a secure software development lifecycle
- Demonstrable experience with at least two of the following development languages: .Net, C#, Java, PHP, Objective-C, SQL, REST, SAML, Python, Swift
- Ability to deliver ahead of or on milestones for project timelines
- Good understanding of application security frameworks, standards, and best practices from OWASP, WASC, SANS. and other information security standards
Qualification & Experience:
- Experience working with Fiddler and Postman to create requests.
- Experience working with cross-functional agile development teams
- CISSP, SANS and/or relevant SANS certifications
- A software-development related BS or BA degree
- CISSP, SANS and/or relevant SANS certifications or strong demonstrated application of software security in code written by individual.
Company: United Airlines
Vacancy Type: Full Time
Job Location: Chicago, IL, US
Application Deadline: N/A