Sr. Analyst – Application Security

Job Title
Sr. Analyst – Application Security
Job ID
Chicago,  IL
Other Location

As a security analyst you will help lead the effort to build a defensive security strategy that strengthens  United's application ecosystem. 

We are looking for someone who is passionate about cyber security and eager to roll up their sleeves to  put solutions in place to help protect our airline. 

The ideal candidate will have security focused mindset and knowledge of security best practices across  multiple technologies. They will help evaluate, implement, run, and troubleshoot application security  tools that help developers produce more secure code. These efforts require being able to analyze  results of static and dynamic scan, bug bounty submissions, pen testing results to find patterns and  provide remediation recommendations through specific technical direction or sample code. In addition  to their main responsibility of optimizing United’s Application Security tooling they will be called upon to  assist on related projects which move our security efforts to more proactive engagement issues. This  role will be supported by senior security engineers who will help guide, mentor and coach to support  growth with technical expertise. 

• Conduct and manage dynamic and static code scans of United applications for security  vulnerabilities. 

• Review results of scans to verify the accuracy of the findings. 

• Validate findings of dynamic scans. 

• Work with team members (Security and Release Management) to ensure quality of scans and  reports. 

• Address questions from internal customers regarding scan processes, results, and remediation  suggestions. 

• Report metrics on application risk and vulnerability profile to leadership. 

• Ability to create quantitative business cases for enhancing security standards, processes and  tools. 

• Act as a resource for development teams in the remediation of vulnerabilities discovered by  Vulnerability Management, Application Security, or outside vendors 

• Conduct proactive risk assessments of existing applications to identify new and novel  vulnerabilities. 

• Develop training and remediation materials on application security topics for developers

• Keep up to date on application security topics to ensure most current vulnerabilities are being  incorporated into application scans, risk profiles, threat models to ensure United is protected at  the highest level.

Option 1: Create a New Profile