Principal Architect - Infrastructure Cybersecurity (Remote)

United Airlines•Chicago, IL

1d•Remote

About The Position

United's Digital Technology team is comprised of many talented individuals all working together with cutting-edge technology to build the best airline in the history of aviation. Our team designs, develops and maintains massively scaling technology solutions brought to life with innovative architectures, data analytics, and digital solutions. Job overview and responsibilities The Principal Architect – Infrastructure Cybersecurity supports efforts to mature infrastructure security capabilities for United Airlines. You will be part of a cross-disciplinary Cyber team responsible for full stack security architecture. In this role the Architect will work on the creation and maintenance of security relevant documentation and partner with product, platform, engineering, and operations teams to ensure the adoption of security best practices across the entire application or system lifecycle. The architect with help continuously improve our cyber controls and associated playbooks, workflows, processes, and procedures.

Requirements

Bachelor's degree required
5+ years of technical experience, with direct experience related to security and architecture
Expert level knowledge of network security principles and technologies including network architecture, intrusion detection/prevention and network segmentation
Expert level knowledge of network infrastructure components and technologies like routers, switches, firewalls, proxy servers, reverse proxies, load balancers, IDS/IPS, VPN, SDWAN, network taps, application centric networking, overlay networking concepts
Expert knowledge of information security techniques and tools like content filtering, application firewalls, vulnerability scanners, EDR, forensics software, incident response, SIEM, SOAR, NAC, etc
Expert knowledge in secure configuration practices for operating systems and infrastructure components
Expert knowledge of OS or compute infrastructure components and technologies like Unix/Linux, Windows, Docker, Kubernetes, VMWare, EC2, ECS, EKS, Lambda
Expert knowledge of endpoint security technologies such as endpoint detection and response and mobile device management
Expert knowledge of Data Loss Prevention (DLP) concepts and services
Expert knowledge of identity and access management services, techniques concepts
Expert knowledge of secure wireless protocols, techniques, and products
Expert knowledge of network protocols like TCP/IP, UDP, IPSEC, SSL/TLS, HTTP, etc
Expert knowledge of common enterprise services like DNS, DHCP, LDAP, SMB, CIFS, NTP, etc
Expert knowledge of security focused processes like architecture reviews, access reviews, vulnerability management, and audit
Proficient knowledge of cloud infrastructure services, concepts, and best practices
Proficient knowledge of secure connectivity methods via private or encrypted means
Proficient knowledge of cloud interconnectivity methods
Proficient knowledge of zero trust network architectures and principles
Proficiency with security assessments and remediation guidance
Proficient knowledge of compliance frameworks and processes (e.g., NIST 800-53, CIS Controls)
Proficient knowledge of security policy and standards development
Ability to manage business and external partners
Ability to work independently and self-motivate
Excellent problem solving, critical thinking, interpersonal, collaboration, written and verbal communication skills
Must be legally authorized to work in the United States for any employer without sponsorship
Successful completion of interview required to meet job qualification
Reliable, punctual attendance is an essential function of the position

Nice To Haves

Master's degree
CCNP, CCDP, or alternate vendor equivalent
AWS Solution Architect Associate, Networking, and Security Specializations
Certifications like CISSP, ISSAP, ISSEP, ISSMP, CISM, CRISC, CEH, GIAC Family
8+ years of technical experience, 5 years directly related to security and architecture

Responsibilities

Conduct threat modeling, end-to-end security evaluation, design and development of infrastructure and cloud security policies, standards, and procedures
Demonstrate expert technology competence in two or more domains such as security, resiliency, infrastructure, platform, product, endpoint, application, identity management, and data security, and zero trust
Actively partner with stakeholders to understand business requirements and develop supporting security and resiliency principles to ensure adoption of industry and enterprise best practices
Develop and promote security and resiliency architecture strategies, frameworks and patterns while partnering closely with other cybersecurity teams and collaborating with partner organizations
Identify cybersecurity issues, strengths and weaknesses across various cyber domains and partner organizations that introduce risk and provide solutions
Assists in defining and implementing Security Standards/frameworks
Train and coach development and engineering teams to integrate CI/CD pipeline tools, test plans and vulnerabilities assessment tools for Cloud
Participate in and drive security advisory boards and committees, providing security architecture review and process ownership for new and existing solutions
Serve as a champion for secure infrastructure-as-code for end-to-end configuration and overall success of the IaaS, PaaS, and SaaS environments
Plan, design, build, and test approaches and solutions that are tied to business outcomes and our cybersecurity strategy and vision
Ensures program(s) is meeting intended purpose and metrics