Job Analyst- IT Application Security in USA - eglobejobs

Post Top Ad

Your Ad Spot

Sunday, 13 January 2019

Job Analyst- IT Application Security in USA

Analyst- IT Application Security

United Airlines  

Information Technology, Professional

Chicago, IL US
Job ID
End Date
Till Filled

Information Technology
The United IT team designs, develops and maintains massively scaling technology solutions that are brought to life with innovative architectures, data analytics and digital solutions.

Job overview and responsibilities
Come join a leading information security team in the aviation sector to help protect our customers and employees!
The Bug Bounty Analyst would be responsible for handing the intake of submissions and managing the metrics of United’s Bug Bounty program. In this role the Analyst will be charge of public-facing communication with information security researchers and working with internal teams as they guide each submission from acceptance to remediation to awarding the submitter. The Analyst would also be responsible for developing proactive tools and processes in response to remediated bug bounty findings.
If you're looking to further develop your skills through a variety of challenges and perform impactful work, this job is for you!                             
  • Provide L1 support for United’s Bug Bounty queue including:
    • Triage and test submissions to ensure they are valid, in-scope, and have not been submitted previously.
    • Escalating sensitive or critical submissions to the appropriate resources.
    • Address submitter’s questions in an efficient and professional manner.
    • Work with other team members to test submissions outside of the Analyst’s knowledge scope.
  • Answering developer questions, including demonstrating POCs for accepted submissions, working towards the goal of closing submissions within SLA.
  • Role involves occasional overnight testing of remediated bugs during Production releases.
  • Coordinating with the MileagePlus department to ensure submitters are paid promptly and accurately upon remediation of bugs.
  • Ensuring accurate tracking of submissions for weekly and monthly metrics which will be shared with leadership.
  • Analyzing submission trends to make recommendations for tooling and processes to proactively defend against additional security bugs.   
  • A BS or BA degree in a security-related field and/or at least two years of experience in information technology required.
  • CEH, CREST, OSWP, SANS and/or other relevant certifications are preferred.
  • Good understanding of Information Security standards, frameworks, and best practices (e.g., OWASP, SANS, WASC).
  • Ability to offer reasonable remediation solutions to problems created by insecure code.
  • Demonstrable experience with at least two of the following languages: .Net, C#, Java, PHP, Objective-C, SQL, SOAP, REST, custom APIs, Python
  • Experience with at least one of the following scanning tools such as Fortify, WebInspect, Portswigger Burp, AppScan, Accunetix, OWASP Zap.
  • Excellent written and verbal communications skills including technical writing and documentation.
  • Demonstrated organizational skills with the ability to handle multiple projects.
  • Customer service experience.
  • At least two years of experience in information technology
  • Ability to lead by example and influence change with professionalism
  • Previous experience participating in Bug Bounty programs.
  • Knowledge and/or involvement in InfoSec culture.
  • Experience working with agile development groups.
  • Must be legally authorized to work in the United States for any employer without sponsorship
  • Candidate must currently have or meet the requirements to obtain a US Government SECRET security clearance
  • Successful completion of one or more interviews required to meet position qualifications
  • Reliable, punctual attendance at United’s World Headquarters in Chicago is an essential function of the position

Equal Opportunity Employer – Minorities/Women/Veterans/Disabled/LGBT

Good Luck!

No comments:

Post a Comment

Post Top Ad

Your Ad Spot