Principal Architect - Application Cybersecurity (Remote)

  • Job
    Full-time
    Expert Level
  • Software Engineering
  • Chicago
    Remote

AI generated summary

  • You need a STEM bachelor's, 9 years in application security, knowledge of OWASP/CWE, risk assessment, secure design, and strong collaboration skills. Remote work eligibility is required.
  • You will validate application security, advise on best practices, lead threat modeling, analyze code, and train teams while integrating security into the product lifecycle.

Requirements

  • Bachelor's degree required in STEM, Computer Science
  • Minimum of 9 years of experience in related field
  • Deep understanding of OWASP Top 10 and CWE 25; ability to implement and integrate remediation strategies
  • Ability to collaborate with development teams to build secure solutions, communicating risks and bringing consensus to diverse priorities
  • Knowledge of common vulnerabilities and attack vectors, ubiquitous encryption technologies and common authentication protocols
  • Skilled in application risk assessment, risk categorization, and application security testing tools
  • Knowledge of current industry standards, best practices, and reference architectures
  • Solid understanding of secure network and system design in both cloud and conventional environments, as well as of network and web related protocols
  • Excellent understanding of web applications, web servers, layer 7 application technologies, frameworks and protocols with respect to application development and deployment
  • Ability to work independently and self-motivate
  • Excellent problem solving, critical thinking, interpersonal, collaboration, written and verbal communication skills
  • Must be legally authorized to work in the United States for any employer without sponsorship
  • Successful completion of interview required to meet job qualification
  • Reliable, punctual attendance is an essential function of the position

What will help you propel from the pack (Preferred Qualifications):

  • Master's degree or equivalent experience
  • Certified CEH, GSEC, CISM, CompTIA Security+, CISSP, CISA, SSCP, CASP+, OSCP
  • 12 years of experience in related field, including any combination of the following: threat modeling, secure coding, identity management and authentication, software development, cryptography, system administration and network security, cloud computing
  • Application penetration testing to demonstrate and test exploitability of vulnerabilities
  • Familiar with waterfall and agile development processes and ability to integrate secure development practices into both models
  • Experience with multiple programming
  • Success in implementing effective Secure SDLC frameworks across a large corporation

Responsibilities

  • The Principal Architect - Application Cybersecurity validates that our services, applications, and websites are designed and implemented in accordance with United’s secure development standards. The Principal Architect is a senior level position that works closely with development teams, product teams, and other teams across the organization to integrate security into the product lifecycle from design through deployment.
  • The Principal Architect is a recognized expert in defining security requirements, performing application security assessments, and providing developers with remediation guidance and advice. On any given day, the Principal Application Security Architect can be pulled in to evaluate a new system, review a proposed application change, or provide guidance on application security/coding standard methodologies.
  • Sought out as a trusted advisor/consultant and assists in the creation of security designs, requirements, risk monitoring and mitigation guidance in alignment with industry standards and regulatory requirements
  • Leads architecture design evaluations and threat modelling of our products (cloud and on-prem)
  • Recommends and implements products/services that support operational needs and security requirements
  • Assists in leading the design, definition and implementation of security best practices and standards, and ensures product development teams understand them
  • Promotes and contributes to the continuous improvement of our security strategy and supports risk prioritization
  • Helps train and support team members
  • Leads the improvement of the accessibility of security through automation, continuous integration pipelines, and other means
  • Performs code analysis of applications, both manually and using SAST, DAST, and SCA scanning solutions, and conducts manual vulnerability analysis
  • Technical point of contact for product teams as it relates to automation, CI/CD, and remediation guidance
  • United values diverse experiences and perspectives, and we encourage everyone who meets the minimum qualifications to apply. While having the “desired” qualifications makes for a stronger candidate, we encourage applicants who may not feel they check ALL of those boxes. We are always looking for individuals who will bring something new to the table.

FAQs

What is the job title for the position being advertised?

The job title is Principal Architect - Application Cybersecurity.

Is this position remote?

Yes, this position is remote.

What team will the Principal Architect - Application Cybersecurity be part of?

The Principal Architect will be part of the Cybersecurity and Digital Risk (CDR) team.

What is the primary mission of the CDR team at United Airlines?

The primary mission of the CDR team is to embed cybersecurity into the DNA of United Airlines by reducing business risk through the implementation of strong cybersecurity standard processes.

What are some key responsibilities of the Principal Architect in this role?

Key responsibilities include validating that services and applications adhere to secure development standards, conducting application security assessments, providing remediation guidance, leading architecture design evaluations, and promoting continuous improvement of security strategies.

What minimum qualifications are required for this position?

Required qualifications include a Bachelor's degree in STEM or Computer Science, a minimum of 9 years of experience in a related field, a deep understanding of OWASP Top 10 and CWE 25, and the ability to collaborate with development teams on secure solutions, among others.

Are there any preferred qualifications that would help a candidate stand out?

Yes, preferred qualifications include a Master's degree or equivalent experience, relevant certifications (e.g., CEH, CISSP), 12 years of experience in related fields, and experience with implementing Secure SDLC frameworks.

What specific skills are highlighted as necessary for this role?

Necessary skills include excellent problem-solving abilities, strong communication skills, knowledge of common vulnerabilities and attack vectors, familiarity with encryption technologies and authentication protocols, and an understanding of secure network and system design.

Is legal authorization to work in the United States required for this position?

Yes, candidates must be legally authorized to work in the United States for any employer without sponsorship.

What experience related to application security is emphasized in the job description?

The job emphasizes experience in application risk assessment, secure coding, identity management, application security testing tools, and application penetration testing.

What role does the Principal Architect play in training and supporting team members?

The Principal Architect is responsible for helping train and support team members, contributing to their understanding of application security practices and standards.

Good Leads The Way.

Industry: Automotive
Employees: 10,001+
Founded Year: 1926

Mission & Purpose

This is the story of an airline that leads the industry from ground to clouds. Our global cast of over 90,000+ hero characters are each on a journey to be a force for good for our customers, the planet and each other. Come be part of this story, we’re hiring 15,000 people in 2023.