Engineer - Infra & Cloud Cybersecurity

Achieving our goals starts with supporting yours. Grow your career, access top-tier health and wellness benefits, build lasting connections with your team and our customers, and travel the world using our extensive route network.

Come join us to create what’s next. Let’s define tomorrow, together.

Description

Job overview and responsibilities

The Engineer – Infrastructure and Cloud Cybersecurity supports efforts to mature infrastructure security capabilities for United Airlines. Will be part of a cross-disciplinary Cyber team responsible for full stack security architecture. In this role the Architect will work on the creation and maintenance of security relevant documentation and partner with product, platform, engineering, and operations teams to ensure the adoption of security best practices across the entire application or system lifecycle. The role will continuously assess risks and weaknesses and identify security design or implementation gaps in existing products and services. The role with help continuously improve our cyber controls and associated playbooks, workflows, processes, and procedures.

• Enhance cybersecurity team accomplishments and competencies by planning the delivery of solutions and answering technical questions
• Determine cybersecurity requirements by evaluating business strategies, pain points, and use cases
• Plan, research, and design robust cybersecurity architectures for any IT project
• Regularly communicate vital information, security needs and priorities to upper management
• Remain up to date with the latest security systems, standards, authentication protocols, and products
• Design cybersecurity architecture elements to mitigate threats as they emerge
• Identify and communicate current and emerging security threats
• Define, implement, and maintain corporate security policies, procedures, and standards

Qualifications

What’s needed to succeed (Minimum Qualifications):

• Bachelor's degree
• 3+ years in a technical role
• Basic understanding of cloud infrastructure services, concepts, and best practices
• Basic understanding of secure connectivity methods via private or encrypted means
• Basic understanding of cloud interconnectivity methods
• Basic understanding of zero trust network architectures and principles
• Basic understanding with security assessments and remediation guidance
• Working knowledge of network security principles and technologies including network architecture, intrusion detection/prevention and network segmentation
• Working knowledge of network infrastructure components and technologies like routers, switches, firewalls, proxy servers, reverse proxies, load balancers, IDS/IPS, VPN, SDWAN, network taps, application centric networking, overlay networking concepts
• Working knowledge of information security techniques and tools like content filtering, application firewalls, vulnerability scanners, EDR, forensics software, incident response, SIEM, SOAR, NAC, etc
• Working knowledge in secure configuration practices for operating systems and infrastructure components
• Working knowledge of OS or compute infrastructure components and technologies like Unix/Linux, Windows, Docker, Kubernetes, VMWare, EC2, ECS, EKS, Lambda
• Working knowledge of endpoint security technologies such as endpoint detection and response and mobile device management
• Working knowledge of Data Loss Prevention (DLP) concepts and services
• Working knowledge of secure wireless protocols, techniques, and products
• Working knowledge of network protocols like TCP/IP, UDP, IPSEC, SSL/TLS, HTTP, etc
• Working knowledge of common enterprise services like DNS, DHCP, LDAP, SMB, CIFS, NTP, etc
• Working knowledge of security focused processes like architecture reviews, access reviews, vulnerability management, and audit
• Ability to work independently and self-motivate
• Excellent problem solving, critical thinking, interpersonal, collaboration, written and verbal communication skills
• Must be legally authorized to work in the United States for any employer without sponsorship
• Successful completion of interview required to meet job qualification
• Reliable, punctual attendance is an essential function of the position

What will help you propel from the pack (Preferred Qualifications):

• CISSP
• CCNA
• AWS Security, Architect
• CCSP
• CEH
• 4+ years in a technical role
• Working knowledge of identity and access management services, techniques concepts
• Working knowledge of role-based access control
• Basic understanding of compliance frameworks and processes (e.g., NIST 800-53, CIS Controls)

The base pay range for this role is $87,780.00 to $114,376.00.
The base salary range/hourly rate listed is dependent on job-related, factors such as experience, education, and skills. This position is also eligible for bonus and/or long-term incentive compensation awards.

You may be eligible for the following competitive benefits: medical, dental, vision, life, accident & disability, parental leave, employee assistance program, commuter, paid holidays, paid time off, 401(k) and flight privileges.

United Airlines is an equal opportunity employer. United Airlines recruits, employs, trains, compensates and promotes regardless of race, religion, color, national origin, gender identity, sexual orientation, physical ability, age, veteran status and other protected status as required by applicable law. Equal Opportunity Employer - Minorities/Women/Veterans/Disabled/LGBT.

We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform crucial job functions. Please contact JobAccommodations@united.com to request accommodation.