Sr. Analyst – Application Security
- Job Title
- Sr. Analyst – Application Security
- Job ID
- Chicago, IL
- Other Location
As a security analyst you will help lead the effort to build a defensive security strategy that strengthens United's application ecosystem.
We are looking for someone who is passionate about cyber security and eager to roll up their sleeves to put solutions in place to help protect our airline.
The ideal candidate will have security focused mindset and knowledge of security best practices across multiple technologies. They will help evaluate, implement, run, and troubleshoot application security tools that help developers produce more secure code. These efforts require being able to analyze results of static and dynamic scan, bug bounty submissions, pen testing results to find patterns and provide remediation recommendations through specific technical direction or sample code. In addition to their main responsibility of optimizing United’s Application Security tooling they will be called upon to assist on related projects which move our security efforts to more proactive engagement issues. This role will be supported by senior security engineers who will help guide, mentor and coach to support growth with technical expertise.
• Conduct and manage dynamic and static code scans of United applications for security vulnerabilities.
• Review results of scans to verify the accuracy of the findings.
• Validate findings of dynamic scans.
• Work with team members (Security and Release Management) to ensure quality of scans and reports.
• Address questions from internal customers regarding scan processes, results, and remediation suggestions.
• Report metrics on application risk and vulnerability profile to leadership.
• Ability to create quantitative business cases for enhancing security standards, processes and tools.
• Act as a resource for development teams in the remediation of vulnerabilities discovered by Vulnerability Management, Application Security, or outside vendors
• Conduct proactive risk assessments of existing applications to identify new and novel vulnerabilities.
• Develop training and remediation materials on application security topics for developers
• Keep up to date on application security topics to ensure most current vulnerabilities are being incorporated into application scans, risk profiles, threat models to ensure United is protected at the highest level.