Firm Name: United Airlines

Numbers of Jobs: Principal Analyst

Education Need: Graduate

Job Hours: 8

Payment: $20-$30/Hour

What's Job City: Chicago

Job Details:

Choosing to work for United Airlines has never been more exciting. We're headed in the direction of being the greatest airline in aviation history. Getting people from one place to another is only one aspect of our shared purpose, "Connecting People, Uniting the World.". Additionally, it means that as a large corporation with millions of customers and tens of thousands of staff members operating in hundreds of locations around the globe, we have a special obligation to improve and create opportunities in the communities in which we work, live, and fly. We can only accomplish this with a workforce that is genuinely diverse and inclusive. In the years to come, we'll hire tens of thousands of people for every department within the airline as we continue to expand. To keep you content, healthy, and well-traveled throughout your career, our careers offer a competitive benefits package. United is a truly unique place to work, offering "Business Resource Group" communities run by employees as well as top-notch benefits like parental leave, 401k plans, and privileges like space-available travel. The world is waiting for you—are you ready?

 As the cornerstone of everything we do, we believe that inclusion fosters innovation. The worldwide Digital Technology team at United is made up of a diverse group of people who collaborate and use cutting-edge technology to create the greatest airline in aviation history. Our team creates, develops, and supports massively scalable technology solutions that are realized through cutting-edge architectures, data analytics, and digital solutions.

 Key duties include.

•  To continuously improve United's cybersecurity posture, a Principal Analyst on the Red Team works to enhance detection capabilities, fortify defenses, and improve response tactics.
•  In addition to creating and maintaining the Red Team infrastructure, a Principal Analyst is in charge of designing and carrying out Red Team Engagements, Attack Surface Reduction Engagements, and Penetration Tests. A Principal Analyst is expected to produce and present engagement results with an emphasis on the root cause, as well as mitigation and detection recommendations, and to counsel application and system owners on corrective action.
•  The Red Team's Principal Analysts also play a special role in directly supporting United's Vulnerability Disclosure Program. It is necessary to have the ability to work independently in a large-scale enterprise setting.
•  To demonstrate the risks associated with actual advanced persistent threats (APTs), develop and carry out Red Team engagements using tried-and-true methodologies, tactics, techniques, and procedures (TTPs).
•  To advance detection capabilities, conduct research and create fresh TTPs for use in engagements.
•  To assist United in identifying risk and making tactical and strategic recommendations, lead and carry out vulnerability research.
•  To assess the risks and threats from both physical threats and cybersecurity, lead and carry out physical security assessments.
•  Become a subject matter expert for the Red Team's engagements and vulnerability risk assessment.
•  Partner with other cybersecurity and digital risk teams to collaboratively drive outcomes.
•  Create and implement security policies, procedures, and standards for a variety of platforms and environments (e. g. client-server, distributed, mainframe, etc. ).
•  To suggest remediation steps for vulnerabilities and security gaps discovered during assessments, use in-depth technical knowledge and business requirements.
•  chooses methods, techniques, and evaluation standards for obtaining results while exercising judgment within broadly defined practices and policies.

 United Airlines is an equal opportunity provider. Without regard to race, religion, color, national origin, gender identity, sexual orientation, physical ability, age, veteran status, or any other protected status as prescribed by applicable law, United Airlines recruits, hires, trains, compensates and promotes its employees.

 Qualifications.

 What is required to succeed (Minimum Qualifications):.

•  a bachelor's degree in computer science or a closely related field, or an equivalent combination of education, training, and/or experience pertinent to this position.
•  4 or more years of experience are required, with at least 4 of those years being in IT security.
•  having performed code reviews, vulnerability assessments, and penetration tests against web and mobile application technologies, services, platforms, and languages to look for vulnerabilities and exploits for at least five years.
•  Empathy, maturity, and communication across roles and responsibilities are examples of people skills.
•  a desire to learn (At United, we use a lot of terminology and technology. You must be able to pick things up quickly).
•  The Red Team is a team at its core, so the ability to work as a unit is essential. As a team, we work. Lone wolves may forage elsewhere.
•  Problem-solving abilities (Our team must be able to think both inside and outside of the box. We must be able to view issues from all perspectives, not just the security one).
•  mobile platform penetration testing expertise.
•  To work in the US for any employer without sponsorship, one must have the proper legal authorization.
•  To meet the requirements for the job, the interview must be completed successfully.
•  An essential job requirement is consistent, on-time attendance.

 What will help you stand out from the competition (Preferred Qualifications):.

•  an advanced degree.
•  or expertise in critical aviation infrastructure.
•  experience in development, particularly in programming for mobile devices.
•  knowledge of Xcode, Objective-C, Java, .NET, and Structured Query Language.
•  the CISSP, OSCE, OSEP, OSCP, cRTO, OSWE, GXPN, and/or the GPEN.
•  a minimum of five of the following: expert-level practical experience and thorough technical knowledge.
•  security in general information.
•  the engineering of security.
•  application design.
•  security and authentication protocols.
•  Session management for applications.
•  Useful cryptography.
•  standardized methods of communication.
•  mobile skeletal systems.
•  technologies that use one sign-on.
•  online services.
•  knowledge of Fiddler and BurpSuite for web application security.
•  knowledge of mobile application security.
•  expertise in physical security.
•  Java, JavaScript, HTML, XML, PHP, ASP, and other programming languages are all proficiently used along with strong programming/debugging skills. NET, AJAX, JSON, and Objective-C.
•  powerful scripting abilities (e. g. Python, Perl, shell scripts, and JavaScript).
•  demonstrated the capacity to pick up new skills and use critical thinking in a variety of contexts.