Principal Architect - Application Cybersecurity (Remote)

  • Job
    Full-time
    Expert Level
  • Software Engineering
  • Chicago
    Remote

AI generated summary

  • You must have a STEM degree, 9+ years of experience, deep OWASP knowledge, risk assessment skills, and excellent communication. Preferred: Master's, cybersecurity certs, and 12 years of experience.
  • You will assess application security, guide teams on secure practices, evaluate designs, conduct threat modeling, perform code analysis, and enhance automation in CI/CD processes.

Requirements

  • Bachelor's degree required in STEM, Computer Science
  • Minimum of 9 years of experience in related field
  • Deep understanding of OWASP Top 10 and CWE 25; ability to implement and integrate remediation strategies
  • Ability to collaborate with development teams to build secure solutions, communicating risks and bringing consensus to diverse priorities
  • Knowledge of common vulnerabilities and attack vectors, ubiquitous encryption technologies and common authentication protocols
  • Skilled in application risk assessment, risk categorization, and application security testing tools
  • Knowledge of current industry standards, best practices, and reference architectures
  • Solid understanding of secure network and system design in both cloud and conventional environments, as well as of network and web related protocols
  • Excellent understanding of web applications, web servers, layer 7 application technologies, frameworks and protocols with respect to application development and deployment
  • Ability to work independently and self-motivate
  • Excellent problem solving, critical thinking, interpersonal, collaboration, written and verbal communication skills
  • Must be legally authorized to work in the United States for any employer without sponsorship
  • Successful completion of interview required to meet job qualification
  • Reliable, punctual attendance is an essential function of the position

What will help you propel from the pack (Preferred Qualifications)

  • Master's degree or equivalent experience
  • Certified CEH, GSEC, CISM, CompTIA Security+, CISSP, CISA, SSCP, CASP+, OSCP
  • 12 years of experience in related field, including any combination of the following: threat modeling, secure coding, identity management and authentication, software development, cryptography, system administration and network security, cloud computing
  • Application penetration testing to demonstrate and test exploitability of vulnerabilities
  • Familiar with waterfall and agile development processes and ability to integrate secure development practices into both models
  • Experience with multiple programming languages
  • Success in implementing effective Secure SDLC frameworks across a large corporation

Responsibilities

  • The Principal Architect - Application Cybersecurity validates that our services, applications, and websites are designed and implemented in accordance with United’s secure development standards. The Principal Architect is a senior level position that works closely with development teams, product teams, and other teams across the organization to integrate security into the product lifecycle from design through deployment.
  • The Principal Architect is a recognized expert in defining security requirements, performing application security assessments, and providing developers with remediation guidance and advice. On any given day, the Principal Application Security Architect can be pulled in to evaluate a new system, review a proposed application change, or provide guidance on application security/coding standard methodologies.
  • Sought out as a trusted advisor/consultant and assists in the creation of security designs, requirements, risk monitoring and mitigation guidance in alignment with industry standards and regulatory requirements
  • Leads architecture design evaluations and threat modelling of our products (cloud and on-prem)
  • Recommends and implements products/services that support operational needs and security requirements
  • Assists in leading the design, definition and implementation of security best practices and standards and ensures product development teams understand them
  • Promotes and contributes to the continuous improvement of our security strategy and supports risk prioritization
  • Helps train and support team members
  • Leads the improvement of the accessibility of security through automation, continuous integration pipelines, and other means
  • Performs code analysis of applications, manually and using SAST, DAST, and SCA scanning solutions, and conducts manual vulnerability analysis
  • Technical point of contact for product teams as it relates to automation, CI/CD, and remediation guidance

FAQs

What is the primary role of the Principal Architect - Application Cybersecurity?

The primary role of the Principal Architect - Application Cybersecurity is to ensure that services, applications, and websites are designed and implemented according to United's secure development standards. This includes integrating security into the product lifecycle from design through deployment and serving as a trusted advisor to various teams within the organization.

What qualifications are needed to apply for this position?

To apply for this position, candidates need a bachelor's degree in a STEM field, a minimum of 9 years of experience in a related field, a deep understanding of OWASP Top 10 and CWE 25, experience in application risk assessment, knowledge of security standards and best practices, and strong problem-solving skills, among others.

Are there preferred qualifications for this job, and what are they?

Yes, the preferred qualifications include a master's degree, relevant certifications (such as CEH, CISM, CISSP), 12 years of experience in related fields, familiarity with application penetration testing, experience with secure SDLC frameworks, and knowledge of multiple programming languages.

Does this position require collaboration with other teams?

Yes, the Principal Architect works closely with development teams, product teams, and other teams across the organization to integrate security practices and communicate risks effectively.

What skills are essential for success in this role?

Essential skills for success in this role include excellent problem-solving and critical thinking, strong interpersonal and collaboration abilities, written and verbal communication skills, and the ability to work independently and self-motivate.

Is this position remote, and are there any geographical restrictions?

Yes, this position is remote, but candidates must be legally authorized to work in the United States for any employer without sponsorship.

What kind of security assessments will the Principal Architect be responsible for?

The Principal Architect will be responsible for conducting application security assessments, performing code analysis (both manually and with tools such as SAST, DAST, and SCA), and providing remediation guidance and advice to development teams.

How does this role contribute to the overall security strategy of the organization?

This role promotes and contributes to the continuous improvement of the security strategy, provides guidance for risk prioritization, and assists in the integration of security best practices into the development process to enhance the organization’s overall security posture.

What is the importance of secure coding standards in this role?

Secure coding standards are crucial as the Principal Architect helps integrate them into the development lifecycle to mitigate risks, prevent vulnerabilities, and ensure that security is a primary consideration during application design and deployment.

Will the Principal Architect have a role in training team members?

Yes, the Principal Architect is responsible for helping train and support team members, thereby fostering a culture of security awareness and competence within the organization.

Good Leads The Way.

  • Industry: Automotive
  • Employees: 10,001+
  • Founded Year: 1926

Mission & Purpose

This is the story of an airline that leads the industry from ground to clouds. Our global cast of over 90,000+ hero characters are each on a journey to be a force for good for our customers, the planet and each other. Come be part of this story, we’re hiring 15,000 people in 2023.