Principal Architect - Application Cybersecurity: Safeguarding the Future of Aviation through Innovative Cybersecurity Solutions

Join the United Airlines Cybersecurity Team: Protecting the Skies and Beyond

At United Airlines, we're not just connecting people and uniting the world; we're also committed to safeguarding our customers' and employees' information in an ever-evolving cybersecurity landscape. As a global company operating in hundreds of locations worldwide, we recognize the importance of embedding robust cybersecurity measures into every aspect of our operations. Our Cybersecurity and Digital Risk (CDR) team is at the forefront of this endeavor, working tirelessly to ensure that United Airlines remains a leader in cyber safety within the aviation industry.

We're now seeking an exceptional individual to join our team as a Principal Architect - Application Cybersecurity. This senior role will be pivotal in validating that our services, applications, and websites are designed and implemented with the highest security standards in mind. As a Principal Architect, you will be a subject matter expert, guiding development teams, product teams, and other stakeholders across the organization to integrate security seamlessly into the product lifecycle.

Key Responsibilities: Shaping the Cybersecurity Landscape

• Leads architecture design evaluations and threat modeling for our products, encompassing both cloud and on-prem solutions, to ensure they meet United's stringent security requirements.
• Recommends and implements products and services that not only support operational needs but also adhere to security best practices, enhancing our overall cybersecurity posture.
• Serves as a technical point of contact for product teams, providing expertise on automation, CI/CD, and remediation guidance to ensure secure development and deployment practices.
• Assists in leading the design, definition, and implementation of security best practices and standards, ensuring that product development teams understand and adhere to these guidelines.
• Performs comprehensive code analysis of applications using a combination of SAST, DAST, and SCA scanning solutions, as well as conducting manual vulnerability analysis to identify and mitigate potential security risks.
• Promotes and contributes to the continuous improvement of our security strategy, supporting risk prioritization and helping to train and support team members to enhance our collective cybersecurity capabilities.
• Leads initiatives to improve the accessibility of security through automation, continuous integration pipelines, and other means, making security an integral part of our development processes.
• Educates and mentors junior team members, sharing knowledge and expertise to foster a culture of cybersecurity awareness and excellence within the team.
• Ensures that our cybersecurity programs are meeting their intended purpose and metrics, continually assessing and improving their effectiveness.

Qualifications: The Foundation for Success

To excel in this role, you will need:

Minimum Qualifications:

• A Bachelor's degree in a relevant field such as Computer Science, MIS, Electrical Engineering, or other STEM disciplines.
• A minimum of 7 years of experience in related fields such as software development and/or cybersecurity, with a strong background in DevOps/DevSecOps practices.
• Expert knowledge in modern software development practices, including containerization and microservices.
• Proficiency with application testing tools, particularly those related to SAST, DAST, MAST, and Pen Test tooling.
• Strong programming skills in languages such as C# or Java, and familiarity with modern programming practices including Object-Oriented Programming and web frameworks.
• Understanding of Software Development Lifecycle processes and web and app security stacks, including API security.
• Proficiency in cloud technologies, with AWS being a preferred platform.
• The ability to work independently, self-motivate, and possess excellent problem-solving, critical thinking, interpersonal, collaboration, written, and verbal communication skills.
• Legal authorization to work in the United States without sponsorship.

Preferred Qualifications:

• A Master's degree or equivalent experience, demonstrating a higher level of expertise in your field.
• Certifications such as CEH, GSEC, CISM, Security+, CISSP, CISA, SSCP, CASP+, OSCP, which indicate specialized knowledge in cybersecurity.
• 12 years of experience in related fields, including a mix of threat modeling, secure coding, mobile and API security, identity management, software development, cryptography, system administration, and network security.
• Proficiency in application penetration testing, waterfall and agile development processes, and the ability to integrate secure development practices into both.
• Experience in implementing effective Secure SDLC frameworks across large corporations.
• Knowledge of cloud security infrastructure technologies, including containerization, service mesh, and micro-services.
• Familiarity with LLM/GenAI technologies, mobile development technologies, and OWASP Top 10.
• Proficiency with security automation tooling and methods, threat modeling, and risk management methodologies.
• Scripting skills in languages such as PowerShell, Python, Perl, Bash.
• Experience with CI/CD technology stacks and vulnerability management processes.
• Understanding of compliance frameworks and processes, cryptography, IAM, network security, and risk management methodologies.

What We Offer: A Rewarding Career and More

At United Airlines, we offer a competitive benefits package designed to keep you happy, healthy, and well-traveled. Our benefits include:

• Medical, dental, vision, life, accident, and disability insurance.
• Parental leave and employee assistance programs.
• Commuter benefits and paid holidays.
• Paid time off and 401(k) plans.
• Privileges like space-available travel, allowing you to explore the world.

The base pay range for this role is between $137,275.00 and $187,000.00, with eligibility for bonus and long-term incentive compensation awards. We're committed to providing a rewarding career with opportunities for growth and development.

Our Culture: Diversity, Equity, and Inclusion

United Airlines is an equal opportunity employer, valuing diverse experiences and perspectives. We encourage everyone who meets the minimum qualifications to apply, regardless of their background. Our culture is built on the principles of diversity, equity, and inclusion, ensuring that everyone has the opportunity to thrive.

Ready to Take the Next Step?

If you're passionate about cybersecurity and have the skills we're looking for, we invite you to join our team. This is a fantastic opportunity to grow your career while contributing to the safety and security of our customers and employees. Apply today and become part of the United Airlines journey towards becoming the leading cyber-safe airline in the industry.

United Airlines is committed to providing reasonable accommodation to individuals with disabilities. If you require accommodation during the application or interview process, please contact [email protected].