Job Actions

Job Information

Analyst - Security Advisory
CHICAGO IL 60664
Category: Automotive, Transportation
  • Your pay will be discussed at your interview

Job code: lhw-e0-90671415

Company Profile

United Airlines

Contact Company


Local Information

Laugh while you Look

Sponsored Ads

Summary

  Job posted:   Thu Jun 7, 2018
  Distance to work:   ? miles
       
  4 Views, 0 Applications  
 
Analyst - Security Advisory

**Security Advisory**


With great people, the world's most comprehensive global route network, the best class of aircraft among U.S. network carriers and the industry-leading loyalty program, United is well positioned to deliver meaningful profitability and sustainable long-term value for our customers, the communities we serve, our shareholders and co-workers around the world.


**Department overview**


United Airlines is seeking talented people to join the IT Security, Risk, and Compliance team. This team helps to protect the information of our customers and employees and reduce business risk through strong security practices.


**Job overview and responsibilities**


Come join a leading information security team in the aviation sector to help protect our customers and employees!


The Analyst - Information Security Advisory will support the integration of information security with the Project Management Life Cycle (PMLC) enterprise-wide. This position will work very closely with project managers and engineers, as well as business stakeholders to assess the information security impacts and requirements for IT projects of varying complexities. Report to the Sr. Manager - Security Advisory within IT Security, Risk and Compliance department.


If you're looking to further develop your skills through a variety of challenges and perform impactful work, this job is for you!


**Job Responsibilities:**


+ Support the information security internal consultancy function by analyzing projects for security risks and impacts, documenting and communicating requirements and recommendations, and monitoring compliance through the development lifecycle.

+ Review project requests, assess for information security risks, report findings, and monitor for remediation.

+ Analyze systems and networks for a clear written determination of compliance, residual risk, and potential vulnerability mitigation strategies

+ Support the development of information security standards and best practices.

+ Develop, maintain, and publish security advisory program metrics.

+ Maintain and implement system enhancements in support of process improvements.

+ Support project manager training and engagement.


**Required**


+ Bachelor's degree in Computer Science, Engineering, Business Administration, or other related field.

+ A minimum of 3 years of relevant technical or information security experience in working as an application developer or QA analyst.

+ Skilled at communicating (oral/written) effectively with peer group, middle and senior management enterprise-wide, particularly in translating IT jargon into simple business language.

+ Skilled at working successfully with people and leading teams.

+ Adaptable to rapidly changing business needs and processes.

+ Experience working through the complete project management life-cycle.

+ Familiarity with ITIL Change Management Process.

+ Some technical experience with core technologies, including Cloud, Digital, Data Protection, User Management, Digital Mobility, Compliance, Application Security, Event Management, and CDM.

+ Understanding of security best practices related to the storage, processing and transmission of data.


**Preferred**


+ Working knowledge of risk management frameworks such as OWASP, NIST, ISACA, ISO, etc.

+ Familiarity with Information Security tools such as vulnerability scanners, access monitoring software, etc.

+ Working knowledge of regulatory requirements such as PCI, HIPAA, SOX, SOC, etc.

+ Basic understanding of tactics and approaches commonly employed to compromise information systems.

+ IAM, IAT II, SANS, CISSP, or other information security certifications.

+ Experience in airline industry with business systems a plus.


**Other**


+ Must be legally authorized to work in the United States for any employer without sponsorship

+ Successful completion of one or more interviews required to meet position qualifications

+ Reliable, punctual attendance is an essential function of the position.


**Job Responsibilities:**


Come join a leading information security team in the aviation sector to help protect our customers and employees!


The Analyst - Information Security Advisory will support the integration of information security with the Project Management Life Cycle (PMLC) enterprise-wide. This position will work very closely with project managers and engineers, as well as business stakeholders to assess the information security impacts and requirements for IT projects of varying complexities. Report to the Sr. Manager - Security Advisory within IT Security, Risk and Compliance department.


If you're looking to further develop your skills through a variety of challenges and perform impactful work, this job is for you!


+ Support the information security internal consultancy function by analyzing projects for security risks and impacts, documenting and communicating requirements and recommendations, and monitoring compliance through the development lifecycle.

+ Review project requests, assess for information security risks, report findings, and monitor for remediation.

+ Analyze systems and networks for a clear written determination of compliance, residual risk, and potential vulnerability mitigation strategies

+ Support the development of information security standards and best practices.

+ Develop, maintain, and publish security advisory program metrics.

+ Maintain and implement system enhancements in support of process improvements.

+ Support project manager training and engagement.


**Required**


+ Bachelor's degree in Computer Science, Engineering, Business Administration, or other related field.

+ A minimum of 3 years of relevant technical or information security experience in working as an application developer or QA analyst.

+ Skilled at communicating (oral/written) effectively with peer group, middle and senior management enterprise-wide, particularly in translating IT jargon into simple business language.

+ Skilled at working successfully with people and leading teams.

+ Adaptable to rapidly changing business needs and processes.

+ Experience working through the complete project management life-cycle.

+ Familiarity with ITIL Change Management Process.

+ Some technical experience with core technologies, including Cloud, Digital, Data Protection, User Management, Digital Mobility, Compliance, Application Security, Event Management, and CDM.

+ Understanding of security best practices related to the storage, processing and transmission of data.


**Preferred**


+ Working knowledge of risk management frameworks such as OWASP, NIST, ISACA, ISO, etc.

+ Familiarity with Information Security tools such as vulnerability scanners, access monitoring software, etc.

+ Working knowledge of regulatory requirements such as PCI, HIPAA, SOX, SOC, etc.

+ Basic understanding of tactics and approaches commonly employed to compromise information systems.

+ IAM, IAT II, SANS, CISSP, or other information security certifications.

+ Experience in airline industry with business systems a plus.


**Other**


+ Must be legally authorized to work in the United States for any employer without sponsorship

+ Successful completion of one or more interviews required to meet position qualifications

+ Reliable, punctual attendance is an essential function of the position.



**_Equal Opportunity Employer - Minorities/Women/Veterans/Disabled/LGBT_**


**Division:** 47 Technology/IT

**Function:** Information Technology


Equal Opportunity Employer - Minorities/Women/Veterans/Disabled

More Information »