United Airlines Analyst - Application Security in Chicago, Illinois
We have a wide variety of career opportunities around the world — come find yours.
The United IT team designs, develops and maintains massively scaling technology solutions that are brought to life with innovative architectures, data analytics and digital solutions.
Job overview and responsibilities
Come join a leading information security team in the aviation sector to help protect our customers and employees!
The Analyst – Application Security (Ethical Hacker) is responsible for running web application vulnerability assessments and penetration tests. This includes assessments of internal and public-facing mobile and web applications. This person may also assist with advanced vulnerability research across application security and support researching bugs for the Bug Bounty program.
If you're looking to further develop your skills through a variety of challenges and perform impactful work, this job is for you!
Conduct advanced web application penetration tests and assessments on United Airlines mobile and web applications
Perform advanced application vulnerability research in order to help United identify risk and fix vulnerabilities
Develop and present cybersecurity related papers, reports, alerts and bulletins.
Serve as subject matter expert in application security
Required Qualifications - Education/Certification
Bachelor degree in Computer Science or a related field, or an equivalent combination of education, training, and/or experience related to this position is required.
Preferred Qualifications - Education/Certification
CISSP and/or relevant SANS certifications
Required Qualifications - Knowledge/Skills
Dynamic and static application scanning
Exploitation of OWASP top 10 vulnerabilities
In-depth mobile and web application penetration testing
Understanding of Agile and Waterfall development processes
Programming and scripting
Required Qualifications – Experience
At least one years of experience in IT security, with at least three years of IT experience
Understanding of network exploitation, attack strategies and methods, current IT security technology, software and cyber threat mitigation tools.
Working knowledge of computer operating systems, network design, security architecture principles and security application design.
Experience with IT security incident response procedures, risk assessment methodologies, and risk management processes and implementation.
Strong written and verbal communication skills.
Ability to concisely and accurately convey complex cyber security concepts to both technical and non-technical audiences.
Demonstrable understanding of Information Security attack vectors like SQL injection, cross-site scripting, pass-the-hash, credential dumps, advanced phishing, malware, social engineering, and ARP spoofing
Preferred Qualifications – Experience
- Critical infrastructure and/or airline experience
Required Qualifications – Other
Must be legally authorized to work in the United States for any employer without sponsorship
Candidate must currently have or meet the requirements to obtain a US Government SECRET security clearance
Successful completion of one or more interviews required to meet position qualifications
Reliable, punctual attendance at United’s World Headquarters in Chicago is an essential function of the position
Equal Opportunity Employer – Minorities/Women/Veterans/Disabled/LGBT
Division: 47 Technology/IT
Function: Information Technology
Equal Opportunity Employer – Minorities/Women/Veterans/Disabled