United's Digital Technology team is working to build the best airline in the history of aviation by designing, developing, and maintaining massively scaling technology solutions with innovative architectures, data analytics, and digital solutions. The Senior Manager - Product Cybersecurity is needed to lead a team responsible for the end-to-end security architecture of United's products, applications, and services, ensuring security vision across the entire product portfolio.
Requirements
- Proficiency with OWASP Top 10
- Proficient knowledge of threat modeling
- Proficient knowledge of risk management processes
- Proficient knowledge of DevSecOps (e.g., CI/CD, IaC,PaC,CaC)
- Proficiency with application testing (e.g., SAST, DAST, MAST, RAST, IAST, Pen Test tooling)
- Proficiency with scripting (e.g., PowerShell, Python, Perl, Bash)
- Proficiency with programming languages and modern programming language structure (e.g., Object Oriented Programming, web framework)
Responsibilities
- developing and maintaining end-to-end security architecture of United’s product(s)/application(s)/service(s)
- create and implement a vision for security across all products within the United portfolio
- Monitors changes in legislation and compliance standards that affect assigned areas of responsibility and proactively acts to update standards, best practices and architectures based on this information
- Coordinates remediation of non-compliant items to meet applicable compliance standards and best practices
- Proficiency with application testing (e.g., SAST, DAST, MAST, RAST, IAST, Pen Test tooling)
- Proficiency with DevSecOps technology stacks (e.g., AWS, Harness, TeamCity, GitHub, Artifactory, CHEF, CloudWatch)
- Proficiency with vulnerability management processes and providing remediation guidance
Other
- Responsible for recruiting and talent development of team, including personnel management
- Define, prioritize, allocate resources, track, and provide status reporting of work assignments, projects, and programs
- Assist with annual budgeting and monthly forecasting
- Must be legally authorized to work in the United States for any employer without sponsorship
- Reliable, punctual attendance is an essential function of the position
