Engineer - Infra & Cloud Cybersecurity

Description

Job overview and responsibilities

The Engineer - Infrastructure and Cloud Cybersecurity supports efforts to mature infrastructure security capabilities for United Airlines. Will be part of a cross-disciplinary Cyber team responsible for full stack security architecture. In this role the Architect will work on the creation and maintenance of security relevant documentation and partner with product, platform, engineering, and operations teams to ensure the adoption of security best practices across the entire application or system lifecycle. The role will continuously assess risks and weaknesses and identify security design or implementation gaps in existing products and services. The role with help continuously improve our cyber controls and associated playbooks, workflows, processes, and procedures.

• Enhance cybersecurity team accomplishments and competencies by planning the delivery of solutions and answering technical questions
• Determine cybersecurity requirements by evaluating business strategies, pain points, and use cases
• Plan, research, and design robust cybersecurity architectures for any IT project
• Regularly communicate vital information, security needs and priorities to upper management
• Remain up to date with the latest security systems, standards, authentication protocols, and products
• Design cybersecurity architecture elements to mitigate threats as they emerge
• Identify and communicate current and emerging security threats
• Define, implement, and maintain corporate security policies, procedures, and standards

Qualifications

What's needed to succeed (Minimum Qualifications):

• Bachelor's degree
• 3+ years in a technical role
• Basic understanding of cloud infrastructure services, concepts, and best practices
• Basic understanding of secure connectivity methods via private or encrypted means
• Basic understanding of cloud interconnectivity methods
• Basic understanding of zero trust network architectures and principles
• Basic understanding with security assessments and remediation guidance
• Working knowledge of network security principles and technologies including network architecture, intrusion detection/prevention and network segmentation
• Working knowledge of network infrastructure components and technologies like routers, switches, firewalls, proxy servers, reverse proxies, load balancers, IDS/IPS, VPN, SDWAN, network taps, application centric networking, overlay networking concepts
• Working knowledge of information security techniques and tools like content filtering, application firewalls, vulnerability scanners, EDR, forensics software, incident response, SIEM, SOAR, NAC, etc
• Working knowledge in secure configuration practices for operating systems and infrastructure components
• Working knowledge of OS or compute infrastructure components and technologies like Unix/Linux, Windows, Docker, Kubernetes, VMWare, EC2, ECS, EKS, Lambda
• Working knowledge of endpoint security technologies such as endpoint detection and response and mobile device management
• Working knowledge of Data Loss Prevention (DLP) concepts and services
• Working knowledge of secure wireless protocols, techniques, and products
• Working knowledge of network protocols like TCP/IP, UDP, IPSEC, SSL/TLS, HTTP, etc
• Working knowledge of common enterprise services like DNS, DHCP, LDAP, SMB, CIFS, NTP, etc
• Working knowledge of security focused processes like architecture reviews, access reviews, vulnerability management, and audit
• Ability to work independently and self-motivate
• Excellent problem solving, critical thinking, interpersonal, collaboration, written and verbal communication skills
• Must be legally authorized to work in the United States for any employer without sponsorship
• Successful completion of interview required to meet job qualification
• Reliable, punctual attendance is an essential function of the position

What will help you propel from the pack (Preferred Qualifications):

• CISSP
• CCNA
• AWS Security, Architect
• CCSP
• CEH
• 4+ years in a technical role
• Working knowledge of identity and access management services, techniques concepts
• Working knowledge of role-based access control
• Basic understanding of compliance frameworks and processes (e.g., NIST 800-53, CIS Controls)