Chicago, IL, USA
6 days ago
Principal Architect

Connecting People. Uniting the World. There’s never been a more exciting time to join United Airlines As a global company that operates in hundreds of locations around the world — with millions of customers and tens of thousands of employees — we have a unique responsibility to uplift and provide opportunities in the places where we work, live and fly.

We’re on a path toward becoming the best airline in the history of aviation. Join our Cybersecurity and Digital Risk (CDR) team to help us also become the leading cyber-safe airline in the industry. United’s CDR team is tasked with keeping our customers’ and employees’ information safe and secure. Our primary mission is to embed cybersecurity into the DNA of United Airlines by reducing business risk through implementation of strong cybersecurity standard processes.

United offers a competitive benefits package aimed at keeping you happy, healthy and well-traveled. From employee-run "Business Resource Group" communities to world-class benefits like parental leave, 401k and privileges like space available travel, United is truly a one-of-a-kind place to work. Are you ready to travel the world and help us keep our airline cyber safe? Apply today

Key Responsibilities:

The Principal Architect – Infrastructure Cybersecurity supports efforts to mature infrastructure security capabilities for United Airlines. You will be part of a cross-disciplinary Cyber team responsible for full stack security architecture. In this role the Architect will work on the creation and maintenance of security relevant documentation and partner with product, platform, engineering, and operations teams to ensure the adoption of security standard processes across the entire application or system lifecycle. The architect with help continuously improve our cyber controls and associated playbooks, workflows, processes, and procedures.

Conduct threat modeling, end-to-end security evaluation, design and development of infrastructure and cloud security policies, standards, and proceduresDemonstrate expert technology competence in two or more domains such as security, resiliency, infrastructure, platform, product, endpoint, application, identity management, and data security, and zero trustActively partner with team members to understand business requirements and develop supporting security and resiliency principles to ensure adoption of industry and enterprise standard processesDevelop and promote security and resiliency architecture strategies, frameworks and patterns while partnering closely with other cybersecurity teams and collaborating with partner organizationsIdentify cybersecurity issues, strengths and weaknesses across various cyber domains and partner organizations that introduce risk and provide solutionsAssists in defining and implementing Security Standards/frameworksTrain and coach development and engineering teams to integrate cybersecurity networking best practices into infrastructure and foundational services. Participate in and drive security advisory boards and committees, providing security architecture review and process ownership for new and existing solutionsServe as a champion for secure infrastructure-as-code for end-to-end configuration and overall success of the IaaS, PaaS, and SaaS environmentsPlan, design, build, and test approaches and solutions that are tied to business outcomes and our cybersecurity strategy and visionEnsures program(s) is meeting intended purpose and metrics

United values diverse experiences, perspectives, and we encourage everyone who meets the minimum qualifications to apply. While having the “desired” qualifications make for a stronger candidate, we encourage applicants who may not feel they check ALL of those boxes. We are always looking for individuals who will bring something new to the table.

Connecting People. Uniting the World. There’s never been a more exciting time to join United Airlines As a global company that operates in hundreds of locations around the world — with millions of customers and tens of thousands of employees — we have a unique responsibility to uplift and provide opportunities in the places where we work, live and fly.

We’re on a path toward becoming the best airline in the history of aviation. Join our Cybersecurity and Digital Risk (CDR) team to help us also become the leading cyber-safe airline in the industry. United’s CDR team is tasked with keeping our customers’ and employees’ information safe and secure. Our primary mission is to embed cybersecurity into the DNA of United Airlines by reducing business risk through implementation of strong cybersecurity standard processes.

United offers a competitive benefits package aimed at keeping you happy, healthy and well-traveled. From employee-run "Business Resource Group" communities to world-class benefits like parental leave, 401k and privileges like space available travel, United is truly a one-of-a-kind place to work. Are you ready to travel the world and help us keep our airline cyber safe? Apply today

Key Responsibilities:

The Principal Architect – Infrastructure Cybersecurity supports efforts to mature infrastructure security capabilities for United Airlines. You will be part of a cross-disciplinary Cyber team responsible for full stack security architecture. In this role the Architect will work on the creation and maintenance of security relevant documentation and partner with product, platform, engineering, and operations teams to ensure the adoption of security standard processes across the entire application or system lifecycle. The architect with help continuously improve our cyber controls and associated playbooks, workflows, processes, and procedures.

Conduct threat modeling, end-to-end security evaluation, design and development of infrastructure and cloud security policies, standards, and proceduresDemonstrate expert technology competence in two or more domains such as security, resiliency, infrastructure, platform, product, endpoint, application, identity management, and data security, and zero trustActively partner with team members to understand business requirements and develop supporting security and resiliency principles to ensure adoption of industry and enterprise standard processesDevelop and promote security and resiliency architecture strategies, frameworks and patterns while partnering closely with other cybersecurity teams and collaborating with partner organizationsIdentify cybersecurity issues, strengths and weaknesses across various cyber domains and partner organizations that introduce risk and provide solutionsAssists in defining and implementing Security Standards/frameworksTrain and coach development and engineering teams to integrate cybersecurity networking best practices into infrastructure and foundational services. Participate in and drive security advisory boards and committees, providing security architecture review and process ownership for new and existing solutionsServe as a champion for secure infrastructure-as-code for end-to-end configuration and overall success of the IaaS, PaaS, and SaaS environmentsPlan, design, build, and test approaches and solutions that are tied to business outcomes and our cybersecurity strategy and visionEnsures program(s) is meeting intended purpose and metrics

United values diverse experiences, perspectives, and we encourage everyone who meets the minimum qualifications to apply. While having the “desired” qualifications make for a stronger candidate, we encourage applicants who may not feel they check ALL of those boxes. We are always looking for individuals who will bring something new to the table.

What’s needed to succeed (Minimum Qualifications):Bachelors degree required7 years of technical experience, with recent emphasis on security and architectureExpert level knowledge of network security principles and technologies including network architecture, segmentation and access control strategiesExpert level knowledge of network infrastructure components and technologies like routers, switches, firewalls, proxy servers, reverse proxies, load balancers, IDS/IPS, VPN, SDWAN, network taps, application centric networking, overlay networking conceptsExpertise in developing and maintaining cybersecurity standards, mapping and tailoring controls, and overseeing security metrics to ensure alignment with network security objectives, broader infrastructure security objectives, and compliance requirementsProficient knowledge of secure connectivity methods via private or encrypted meansProficient knowledge of cloud interconnectivity methodsAbility to work independently and self-motivateExcellent problem solving, critical thinking, interpersonal, collaboration, written and verbal communication skillsMust be legally authorized to work in the United States for any employer without sponsorshipSuccessful completion of interview required to meet job qualificationReliable, punctual attendance is an essential function of the positionWhat will help you propel from the pack (Preferred Qualifications):Masters degreeCCIE highly preferredCCNP, CCDP, AWS Solution Architect Associate, Networking, and Security Specializations, CISSP, ISSAP, ISSEP, ISSMP, CISM, CRISC, CEH, GIAC Family8 years of technical experience, 5 years directly related to security and architectureUnderstanding of core identity concepts, including SAML, SCIM, IDP, OIDC, and related integrations with security policy decision and enforcement points.Experience and expertise in securing wireless and cellular networks, campus networking infrastructures, and satellite communication technologies.Understanding of identity and access management (IAM) principles and protocols, and experience integrating IAM solutions into enterprise security architectures.Expert knowledge of information security techniques and tools like content filtering, application firewalls, vulnerability scanners, EDR, forensics software, incident response, SIEM, SOAR, NAC, etcExpert knowledge in secure configuration practices for operating systems and infrastructure componentsExpert knowledge of OS or compute infrastructure components and technologies like Unix/Linux, Windows, Docker, Kubernetes, VMWare, EC2, ECS, EKS, LambdaExpert knowledge of endpoint security technologies such as endpoint detection and response and mobile device managementExpert knowledge of Data Loss Prevention (DLP) concepts and servicesExpert knowledge of identity and access management services, techniques conceptsExpert knowledge of secure wireless protocols, techniques, and productsExpert knowledge of network protocols like TCP/IP, UDP, IPSEC, SSL/TLS, HTTP, etcExpert knowledge of common enterprise services like DNS, DHCP, LDAP, SMB, CIFS, NTP, etcExpert knowledge of security focused processes like architecture reviews, access reviews, vulnerability management, and auditProficient knowledge of cloud infrastructure services, concepts, and standard methodologiesProficient knowledge of zero trust network architectures and principlesProficiency with security assessments and remediation guidanceProficient knowledge of compliance frameworks and processes like NIST Cybersecurity Framework (CSF), PCI DSS, COBIT, MITRE ATTCK, STRIDE, NIST SP 800-53, CIS Benchmarks, etcProficient knowledge of security policy and standards developmentAbility to manage business and external partners

Post expiration date: 1/31/2025

What’s needed to succeed (Minimum Qualifications):Bachelors degree required7 years of technical experience, with recent emphasis on security and architectureExpert level knowledge of network security principles and technologies including network architecture, segmentation and access control strategiesExpert level knowledge of network infrastructure components and technologies like routers, switches, firewalls, proxy servers, reverse proxies, load balancers, IDS/IPS, VPN, SDWAN, network taps, application centric networking, overlay networking conceptsExpertise in developing and maintaining cybersecurity standards, mapping and tailoring controls, and overseeing security metrics to ensure alignment with network security objectives, broader infrastructure security objectives, and compliance requirementsProficient knowledge of secure connectivity methods via private or encrypted meansProficient knowledge of cloud interconnectivity methodsAbility to work independently and self-motivateExcellent problem solving, critical thinking, interpersonal, collaboration, written and verbal communication skillsMust be legally authorized to work in the United States for any employer without sponsorshipSuccessful completion of interview required to meet job qualificationReliable, punctual attendance is an essential function of the positionWhat will help you propel from the pack (Preferred Qualifications):Masters degreeCCIE highly preferredCCNP, CCDP, AWS Solution Architect Associate, Networking, and Security Specializations, CISSP, ISSAP, ISSEP, ISSMP, CISM, CRISC, CEH, GIAC Family8 years of technical experience, 5 years directly related to security and architectureUnderstanding of core identity concepts, including SAML, SCIM, IDP, OIDC, and related integrations with security policy decision and enforcement points.Experience and expertise in securing wireless and cellular networks, campus networking infrastructures, and satellite communication technologies.Understanding of identity and access management (IAM) principles and protocols, and experience integrating IAM solutions into enterprise security architectures.Expert knowledge of information security techniques and tools like content filtering, application firewalls, vulnerability scanners, EDR, forensics software, incident response, SIEM, SOAR, NAC, etcExpert knowledge in secure configuration practices for operating systems and infrastructure componentsExpert knowledge of OS or compute infrastructure components and technologies like Unix/Linux, Windows, Docker, Kubernetes, VMWare, EC2, ECS, EKS, LambdaExpert knowledge of endpoint security technologies such as endpoint detection and response and mobile device managementExpert knowledge of Data Loss Prevention (DLP) concepts and servicesExpert knowledge of identity and access management services, techniques conceptsExpert knowledge of secure wireless protocols, techniques, and productsExpert knowledge of network protocols like TCP/IP, UDP, IPSEC, SSL/TLS, HTTP, etcExpert knowledge of common enterprise services like DNS, DHCP, LDAP, SMB, CIFS, NTP, etcExpert knowledge of security focused processes like architecture reviews, access reviews, vulnerability management, and auditProficient knowledge of cloud infrastructure services, concepts, and standard methodologiesProficient knowledge of zero trust network architectures and principlesProficiency with security assessments and remediation guidanceProficient knowledge of compliance frameworks and processes like NIST Cybersecurity Framework (CSF), PCI DSS, COBIT, MITRE ATTCK, STRIDE, NIST SP 800-53, CIS Benchmarks, etcProficient knowledge of security policy and standards developmentAbility to manage business and external partners

Post expiration date: 1/31/2025

Confirm your E-mail: Send Email