Senior Manager - Vulnerability and Cyber Asset Management

Uniteds Digital Technology team designs, develops, and maintains massively scaling technology solutions brought to life with innovative architectures, data analytics, and digital solutions.

Our Values: At United Airlines, we believe that inclusion propels innovation and is the foundation of all that we do. Our Shared Purpose: "Connecting people. Uniting the world." drives us to be the best airline for our employees, customers, and everyone we serve, and we can only do that with a truly diverse and inclusive workforce. Our team spans the globe and is made up of diverse individuals all working together with cutting-edge technology to build the best airline in the history of aviation.

With multiple employee-run "Business Resource Group" communities and world-class benefits like health insurance, parental leave, and space available travel, United is truly a one-of-a-kind place to work that will make you feel welcome and accepted. Come join our team and help us make a positive impact on the world.

Job overview and responsibilities

As an Enterprise Vulnerability and Asset Management Senior Manager at United Airlines, you will protect our airline and its customers by identifying, analyzing, remediating, and reporting on vulnerabilities. Our goal is to take a proactive and risk-based approach to identifying and addressing defects in order to protect United’s systems, networks, and data from cyber-attacks.

• Lead a team of analysts (associate through senior) responsible for advising and assisting application and infrastructure teams in remdiation of vulnerabilities within proper timeframes
• Own and manage vulnerability metric and remediation-related dashboards and reports
• Own and manage vulnerability scanning tools and vendor relationships

United Airlines is an equal opportunity employer. United Airlines recruits, employs, trains, compensates, and promotes regardless of race, religion, color, national origin, gender identity, sexual orientation, physical ability, age, veteran status, and other protected status as required by applicable law.

Remote option may be available

Salary range: $126,225 - $185,130

Posting end date: 7/1/2024

Required

• Bachelors degree
• STEM
• Deep understanding of cybersecurity best practices and frameworks such as NIST, MITRE, ATT&CK Framework, and OWASP top 10
• At least seven years of hands-on experience with the design, implementation, and operation of enterprise vulnerability management, or five years of experience and a masters degree
• 9 + Years of related experience
• Previous experience owning and managing scanning technology or technologies (DAST, SAST, continuous monitoring, etc.)
• Previous experience with vulnerability reporting and management processes or tools
• Excellent communication skills, both verbal and written
• Must be a self starter
• Demonstrate strong analytical and problem-solving skills, detail oriented & organized approach, excellent communication, developed interpersonal skills
• Must be legally authorized to work in the United States for any employer without sponsorship
• Successful completion of interview required to meet job qualification
• Reliable, punctual attendance is an essential function of the position

Preferred

• Masters degree
• CVA, CEH, Security+, CISSP or other relevant certifications
• People leadership experience strongly
• Previous experience with vendor management
• Previous experience with vulnerability disclosure and bug bounty programs
• Previous development or system administration experience