Veterans jobs

Mobile united Logo

Job Information

United Airlines Senior Analyst - Information Technology Application Security in Chicago, Illinois

We have a wide variety of career opportunities around the world — come find yours

Technology/IT

The United IT team designs, develops and maintains massively scaling technology solutions that are brought to life with innovative architectures, data analytics and digital solutions.

Job overview and responsibilities

The Senior Analyst – Application Security is responsible for ensuring integration of cyber security into United’s application and software development lifecycles. In this role the Analyst will help drive United’s application security tooling initiatives as we move our processes further to the left. They will help evaluate, implement, run, and troubleshoot application security tools that help developers produce more secure code.

In addition to their main responsibility of optimizing United’s Application Security tooling they will be called upon to assist on related projects which move our security efforts to more proactive engagement issues. These efforts require being able to view testing results to find patterns which relate to gaps in our testing processes and make recommendations to improve them.

  • Conduct and manage dynamic and static code scans of United applications for security vulnerabilities

  • Review results of scans to verify the accuracy of the findings

  • Validate findings of dynamic scans

  • Work with team members (Security and Release Management) to ensure quality of scans and reports

  • Address questions from internal customers regarding scan processes, results, and remediation suggestions

  • Report metrics on scan results to leadership

  • Leverage metrics from findings to suggest better processes and tooling to leadership

  • Act as a resource for development teams in the remediation of vulnerabilities discovered by Vulnerability Management, Application Security, or outside vendors

  • Conduct proactive risk assessments of existing applications to identify new and novel vulnerabilities

  • Develop training and remediation materials on application security topics for developers

  • Keep up to date on application security topics to ensure United’s processes are finding the more current vulnerabilities

Required

  • At least 3 years of combined education, work experience, and formal training that allows the candidate to meet the requirements of the position

  • Good understanding of application security frameworks, standards, and best practices from OWASP, WASC, SANS. and other information security standards

  • Demonstrable experience with at least two of the following development languages: .Net, C#, Java, PHP, Objective-C, SQL, REST, SAML, Python, Swift

  • Experience with at least one code security review tool: Qualys, Veracode, Checkmarx, WhiteHat Sentinel, Tenable, Burp, etc.

  • Understanding and awareness of documentation required in a secure software development lifecycle

  • Understanding of complex project timelines

  • Excellent written and verbal communications skills

  • Ability to offer reasonable remediation solutions to problems created by insecure code

  • Ability to lead by example and influence change

  • Must be legally authorized to work in the United States for any employer without sponsorship

  • Successful completion of interview required to meet job qualification

  • Reliable, punctual attendance is an essential function of the position

Preferred

  • A software-development related BS or BA degree

  • CISSP, SANS and/or relevant SANS certifications

  • Experience working with agile development groups

  • Experience working with Fiddler and Postman to create requests

  • Familiarity with how APIs work and how to interact with them

  • A software-development related BS or BA degree

Equal Opportunity Employer – Minorities/Women/Veterans/Disabled/LGBT

Division: 47 Technology/IT

Function: Information Technology

Equal Opportunity Employer – Minorities/Women/Veterans/Disabled

DirectEmployers