Job Description
Intro
Are you ready to explore a world of possibilities, both at work and during your time off? Join our American Airlines family, and you’ll travel the world, grow your expertise and become the best version of you. As you embark on a new journey, you’ll tackle challenges with flexibility and grace, learning new skills and advancing your career while having the time of your life. Feel free to enrich both your personal and work life and hop on board!
Why you'll love this job
This job is a member of the Information Technology Team, within the Information Technology Division .
The Manager of the Vulnerability Management team is responsible for achieving the goals of American Airlines’ Cybersecurity program through the implementation of processes, procedures, and performance indicators related to infrastructure and application configuration security, identification and tracking open vulnerabilities, and incorporation of the latest threat intelligence. The Manager will be responsible for developing and driving the program strategy and roadmap, deploying and maintaining technology solutions, creating technical security policies leading and managing teams and deliverables, maintaining smooth operations, ensuring SLAs and KPIs are met, and following policies and procedures.
What you'll do
As noted above, this list is intended to reflect the current job but there may be additional essential functions (and certainly non-essential job functions) that are not referenced. Management will modify the job or require other tasks be performed whenever it is deemed appropriate to do so, observing, of course, any legal obligations including any collective bargaining obligations.
- Leads and manages the Configuration Security and Vulnerability Management programs
- Develops and drives the program strategy and roadmap according to American Airlines’ Cybersecurity vision, frameworks, and policies
- Designs, deploys, maintains, and fine-tunes Configuration Security and Vulnerability Management solutions
- Develops workflows with external teams: Application Security, and Cloud Security
- Ensures effective configuration security and compliance posture, and vulnerability detection and remediation
- Identifies chronic operational and security issues and ensures that they are managed appropriately
- Manages and escalates roadblocks that may jeopardize security operations or increase risk to the company
- Creates and maintains technical security policies, standards, configuration baselines, benchmarks, guidelines, and SOPs
- Interfaces and collaborates with cross-functional teams and organizations, esp. to identify and engineer improvements, and remediate security vulnerabilities and mitigate risks
- Conducts new technology/product evaluations through Proof of Concept (PoC) with other engineers and architects
All you'll need for success
Minimum Qualifications- Education & Prior Job Experience
- Bachelor’s degree in Computer Science, Computer Engineering, Technology, Information Systems (CIS/MIS), Engineering or related technical discipline, or equivalent experience/training
- 5 years of Information Technology related experience
- 4 years of Information Security related experience
- 2 years of management/leadership experience
Preferred Qualifications- Education & Prior Job Experience
- Master’s degree in Computer Science, Computer Engineering, Technology, Information Systems (CIS/MIS), Engineering or related technical discipline, or equivalent experience/training
- 10+ years of Information Security related experience
Skills, Licenses & Certifications
- Hands-on eExperience with Configuration Security and Vulnerability Management solutions , like Tanium, Tenable, Defender, Qualys, and Nucleus
- Working experience with scripting or programming (shell scripting, PowerShell, Python, etc.)
- Information Security Certification such as: CISSP, CISM, CISA, CEH, GCIH, GCIA, GCFA, GREM
- Familiarity with NIST Special Publications (e.g. 800-53, 800-37)
- Familiarity with PCI DSS Compliance standards and scanning practices
- Experience managing work using Agile principles for planning and delivery
- Strong technical aptitude, attention to detail and high commitment to quality
- Strong analytical and problem- solving skills
- Solution oriented, can define various pragmatic alternatives leading to appropriate Cybersecurity outcomes
- Ability to work independently with a high degree of initiative
What you'll get
Feel free to take advantage of all that American Airlines has to offer:
- Travel Perks: Ready to explore the world? You, your family and your friends can reach 365 destinations on more than 6,800 daily flights across our global network.
- Health Benefits: On day one, you’ll have access to your health, dental, prescription and vision benefits to help you stay well. And that’s just the start, we also offer virtual doctor visits, flexible spending accounts and more.
- Wellness Programs: We want you to be the best version of yourself – that’s why our wellness programs provide you with all the right tools, resources and support you need.
- 401(k) Program: Available upon hire and, depending on the workgroup, employer contributions to your 401(k) program are available after one year.
- Additional Benefits: Other great benefits include our Employee Assistance Program, pet insurance and discounts on hotels, cars, cruises and more
Feel free to be yourself at American
From the team members we hire to the customers we serve, inclusion and diversity are the foundation of the dynamic workforce at American Airlines. Our 20+ Employee Business Resource Groups are focused on connecting our team members to our customers, suppliers, communities and shareholders, helping team members reach their full potential and creating an inclusive work environment to meet and exceed the needs of our diverse world.
Are you ready to feel a tremendous sense of pride and satisfaction as you do your part to keep the largest airline in the world running smoothly as we care for people on life’s journey? Feel free to be yourself at American.