United Airlines Analyst - Application Security in Chicago, Illinois

We have a wide variety of career opportunities around the world — come find yours.

Information Technology

The United IT team designs, develops and maintains massively scaling technology solutions that are brought to life with innovative architectures, data analytics and digital solutions.

Job overview and responsibilities

Come join a leading information security team in the aviation sector to help protect our customers and employees!

The Analyst – Application Security (Ethical Hacker) is responsible for running web application vulnerability assessments and penetration tests. This includes assessments of internal and public-facing mobile and web applications. This person may also assist with advanced vulnerability research across application security and support researching bugs for the Bug Bounty program.

If you're looking to further develop your skills through a variety of challenges and perform impactful work, this job is for you!


  • Conduct advanced web application penetration tests and assessments on United Airlines mobile and web applications

  • Perform advanced application vulnerability research in order to help United identify risk and fix vulnerabilities

  • Develop and present cybersecurity related papers, reports, alerts and bulletins.

  • Serve as subject matter expert in application security

Required Qualifications - Education/Certification

Bachelor degree in Computer Science or a related field, or an equivalent combination of education, training, and/or experience related to this position is required.

Preferred Qualifications - Education/Certification

CISSP and/or relevant SANS certifications

Required Qualifications - Knowledge/Skills

  • Dynamic and static application scanning

  • Exploitation of OWASP top 10 vulnerabilities

  • In-depth mobile and web application penetration testing

  • Understanding of Agile and Waterfall development processes

  • Programming and scripting

Required Qualifications – Experience

  • At least one years of experience in IT security, with at least three years of IT experience

  • Understanding of network exploitation, attack strategies and methods, current IT security technology, software and cyber threat mitigation tools.

  • Working knowledge of computer operating systems, network design, security architecture principles and security application design.

  • Experience with IT security incident response procedures, risk assessment methodologies, and risk management processes and implementation.

  • Strong written and verbal communication skills.

  • Ability to concisely and accurately convey complex cyber security concepts to both technical and non-technical audiences.

  • Demonstrable understanding of Information Security attack vectors like SQL injection, cross-site scripting, pass-the-hash, credential dumps, advanced phishing, malware, social engineering, and ARP spoofing

Preferred Qualifications – Experience

  • Critical infrastructure and/or airline experience

Required Qualifications – Other

  • Must be legally authorized to work in the United States for any employer without sponsorship

  • Candidate must currently have or meet the requirements to obtain a US Government SECRET security clearance

  • Successful completion of one or more interviews required to meet position qualifications

  • Reliable, punctual attendance at United’s World Headquarters in Chicago is an essential function of the position

Equal Opportunity Employer – Minorities/Women/Veterans/Disabled/LGBT

Division: 47 Technology/IT

Function: Information Technology

Equal Opportunity Employer – Minorities/Women/Veterans/Disabled