Senior Analyst - Vulnerability and Cyber Asset Management (Remote)

About the position

As a Senior Analyst in Vulnerability and Cyber Asset Management at United Airlines, you will play a critical role in safeguarding our airline and its customers by identifying, analyzing, remediating, and reporting on vulnerabilities. This position is part of our Cybersecurity and Digital Risk (CDR) team, which is dedicated to embedding cybersecurity into the DNA of United Airlines. Our mission is to reduce business risk through the implementation of strong cybersecurity best practices, ensuring the safety and security of our customers' and employees' information. In this role, you will support the entire vulnerability lifecycle, which includes discovery, assessment, reporting, remediation, and validation of vulnerabilities. You will work closely with infrastructure and application teams to advise and assist in the remediation of vulnerabilities within established timeframes, while also tracking the progress of these remediations. A key aspect of your responsibilities will be to understand and advise on enterprise policies and technical standards related to vulnerability management and secure configuration. Additionally, you will assist in incident response engagements and operate and maintain an enterprise vulnerability management platform and scanning architecture. You will be responsible for creating vulnerability metrics and remediation-related dashboards and reports, collaborating with third-party cloud application contacts to ensure compliance with our enterprise vulnerability management standards, controls, policies, and principles. This position offers a unique opportunity to contribute to the cybersecurity posture of one of the leading airlines in the world, while also providing you with the chance to travel and experience the global nature of our operations.

Responsibilities
? Identify, analyze, remediate, and report on vulnerabilities to protect the airline and its customers.
,
? Support the entire vulnerability lifecycle from discovery to assessment, reporting, remediation, and validation.
,
? Work closely with infrastructure and application teams to advise and assist in remediation of vulnerabilities within proper timeframes and track remediation progress.
,
? Understand and advise on enterprise policies and technical standards regarding vulnerability management and secure configuration.
,
? Assist in incident response engagements as needed.
,
? Operate and maintain an enterprise vulnerability management platform and scanning architecture.
,
? Create vulnerability metric and remediation-related dashboards and reports.
,
? Collaborate with third-party cloud applications contacts to ensure compliance with enterprise vulnerability management standards, controls, policies, and principles.

Requirements
? Bachelor's degree required (STEM).
,
? 4 years of hands-on experience with the design, implementation, and operation of enterprise vulnerability management.
,
? Understanding of cybersecurity frameworks (SOX, NIST, FISMA, etc.).
,
? Ability to manage and use various scanning technologies across different layers of the tech stack, such as SAST, DAST, and cloud infrastructure.
,
? Fundamental understanding of vulnerability reporting and management processes or tools.
,
? Solid grasp and understanding of vulnerability scoring and classification methodologies.
,
? Strong analytical and problem-solving skills, detail-oriented and organized approach, superb communication, and developed interpersonal skills.
,
? Must be legally authorized to work in the United States for any employer without sponsorship.
,
? Successful completion of interview required to meet job qualification.
,
? Reliable, punctual attendance is an essential function of the position.

Nice-to-haves
? Master's degree or equivalent experience.
,
? Previous experience with vulnerability management solutions (e.g., ServiceNow Vulnerability Response).
,
? Previous experience with data analytics technologies (e.g., Quicksight, other business analytics tools).
,
? Previous development or system administration experience.

Benefits
? Competitive benefits package including parental leave, 401k, and privileges like space available travel.
,
? Employee-run 'Business Resource Group' communities.