We have a wide variety of career opportunities around the world — come find yours.
The United IT team designs, develops and maintains massively scaling technology solutions that are brought to life with innovative architectures, data analytics and digital solutions.
Job overview and responsibilities
The Senior Analyst – Application Security Ambassador is responsible for ensuring integration of cyber security into United’s application development and software development lifecycles. This person will be the liaison between the development portfolio teams and security, with the goal of gaining awareness of initiatives to help ensure they meet or exceed security requirements. They will spend time directly partnering with developers performing detailed code reviews and explaining security issues in programming techniques. They will collaborate closely with development teams to remediate vulnerabilities detected during application scans to enhance United’s cyber security posture and provide information to application teams about the latest security trends, tools, and threats.
- Act as a liaison between security and development teams to be a resource for secure coding guidance and other security functions
- Review raw code of critical applications with developers for security bugs and provide information to support remediation
- Provide consultation services to development organizations and business units in the early phases to ensure secure application design
- Provide application owner feedback to help streamline security processes and look for best practices to improve speed to delivery
- Build and review simple and usable code artifacts that can be used in library form by many development teams
- Bachelor degree in Computer Science or a related field, or an equivalent combination of education, training, and/or experience related to this position
- Ability to offer reasonable remediation solutions to problems created by insecure code
- Good understanding of Information Security standards, frameworks, and best practices (e.g., OWASP)
- Programming experience with ASP.NET and C#
- Experience with at least two of the following development languages: Swift, SQL, Java, Objective-C, SOAP, REST, custom API, Python, Go
- Experience with at least one code security review tool such as: Fortify, WebInspect, Burp, Qualys WAS, etc.
- Experience working with agile/DevOps methodologies
- Ability to translate technical details for all audiences
- Technical writing and documentation skills
- Excellent written and verbal communications skills
- Understanding of complex project timelines
- At least five years of experience in Information Technology, with three or more years in development/security experience
- Candidate must currently have or meet the requirements to obtain a US Government SECRET security clearance
- Must be legally authorized to work in the United States for any employer without sponsorship
- Successful completion of interview required to meet job qualification
- Reliable, punctual attendance is an essential function of the position
- A software-development related BS or BA degree
- CISSP and/or relevant SANS certifications