United Airlines

Description

Connecting People. Uniting the World. There’s never been a more exciting time to join United Airlines! As a global company that operates in hundreds of locations around the world — with millions of customers and tens of thousands of employees — we have a unique responsibility to uplift and provide opportunities in the places where we work, live and fly.

We’re on a path to becoming the best airline in aviation history. Join our Cybersecurity and Digital Risk (CDR) team to help lead the industry in cyber safety, security and resilience. United's CDR team plays a critical role in protecting our operations by enabling secure and resilient systems, managing threats and vulnerabilities, and ensuring swift response and recovery. Our mission is to seamlessly embed cybersecurity and digital risk management into every aspect of our business. We help drive progress and growth through trusted digital solutions, safeguarding assets and empowering our team, all while promoting a cyber-safe and secure environment that supports resilient airline operations.

United offers a competitive benefits package aimed at keeping you happy, healthy, and well-traveled. From employee-run "Business Resource Group" communities to world-class benefits like parental leave, 401(k), and privileges like space-available travel, United is truly a one-of-a-kind place to work. Are you ready to travel the world and help us keep our airline cyber safe? Apply today!

Job overview and responsibilities

The Identity & Access Management (IAM) Security Engineer’s primary responsibility is to implement and support the integration of authentication and authorization protocols and provide overall infrastructure support aligned with CDR (Cybersecurity and Digital Risk) security principles and policies protecting data and reducing risk for the United Workforce.

The IAM Senior Engineer will be focused on the implementation and support of modern Enterprise (Workforce) IAM systems. The Senior Engineer will work closely with cross-organizational development teams, architects, analysts, and consumers of IAM authentication and authorization services. They serve as a key contact within IAM responsible for the integration of secure identity solutions during the product lifecycle.

The IAM Security Engineer requires a deep understanding of identity and access management principles, protocols, and best practices as well as experience implementing and managing IAM related automation, integrations, and orchestration. This is a senior-level position that will execute the implementation of designs and requirements provided by IAM architects and analysts and ensures that IAM capabilities and services are successfully integrated within systems across the organization while also providing ongoing support and maintenance as needed for IAM processes and technology.

• Technically implement, manage and provide support for the administration of IAM on-premise and cloud-based platforms and solutions used for workforce identity and access management (authentication and authorization) through an SDLC (software development lifecycle)
• Provide technical expertise in designing, configuring, and troubleshooting IAM solutions through robust engineering solutions that enhance performance, security, and reliability; conduct detailed root cause analysis of technical problems and implement solutions to prevent recurrences
• Develop, enhance, test, document and manage IAM automation processes to support integrations and improve business access management experiences through simplification and automation
• Architect, develop, and implement accelerators and enablers for automating IAM processes that drive efficiency and accuracy
• Identify opportunities for process optimization and execute strategies to improve service delivery and scalability
• Ensure IAM technical solutions adhere to regulatory, compliance, and internal requirements
• Maintain IAM technical documentation, policies, standards, and procedures
• Work with architects, security and technology teams to document best practices related to authentication and authorization patterns and decision criteria for the use of authentication and authorization protocols
• Create or partner to create data visualizations supporting trend analysis to proactively address IAM challenges
• Ensure IAM security is aligned with the overall Cyber Defense and Risk security strategy to reduce risks to the organization
• Collaborate with other IAM team members to provide guidance on IAM related matters and provide input to solution design and system support for partner systems and integrations
• Collaborate across the organization with development teams, cyber defense teams, and other IAM service consumers to enforce consistent authentication and authorization mechanisms and extend IAM control solutions across platforms and technology assets
• Provide guidance on the implementation and usage of IAM capabilities in enterprise systems

Qualifications

What’s needed to succeed (Minimum Qualifications):

• Bachelor's degree
• 4+ years of related experience
• In depth understanding of Workforce Identity & Access Management, Single Sign-On, and Multi-Factor Authentication (MFA)
• Scripting and automation experience with tools such as Python, Powershell, etc.
• Proven experience in performing SSO application onboarding and MFA integrations with cloud-based identity providers
• Possess deep understanding and practical knowledge of modern authentication concepts, protocols and standards such as FIDO2, SAML, OAuth, OIDC, Kerberos and Federation
• In-depth understanding of Password less authentication, API Gateways, developing SCIM connectors, and integrating with identity platforms such as Ping Identity, Okta, MS Entra, or ForgeRock
• Strong knowledge of identity proofing and identity verification technologies, adaptive risk-based authorization, and Zero Trust concepts
• Strong knowledge of security frameworks, organizational security standards and security and governance policy frameworks (example ISO, NIST, CSA Controls Matrix)
• Expertise in modern software lifecycle development, Agile methodologies, and automated cloud infrastructure deployment
• In-depth understanding of at least one of these area specific tools: Microsoft Entra, DUO, Oracle Access Manager, Okta, Auth0, Ping Identity
• Strong written and verbal communication skills with the ability to effectively communicate concepts to technical and non-technical audiences as well as across levels of leadership, appropriately adapting style and language for the audience
• Able to mentor junior talent across the team, engage in building and enhancing team culture, and influence without authority
• Demonstrated attention to detail with qualitative and quantitative information
• Strong pragmatic problem-solving skills with the ability to adapt quickly and independently to changes in scope and strategic direction
• Must be legally authorized to work in the United States for any employer without sponsorship
• Successful completion of interview required to meet job qualification
• Reliable, punctual attendance is an essential function of the position

What will help you propel from the pack (Preferred Qualifications):

• Master's degree
• Cybersecurity, Risk Management, Computer Science
• CISA, CISM, CISSP
• 6+ years of related experience
• Knowledge of compliance regulations (SOX, PCI, FAA, GDRP, PII)
• Prior experience with large-scale Identity transformation projects, migrating from on-premise to cloud-based services, and/or implementing Passwordless technologies for large organizations
• Prior experience supporting Identity and Access management functions within the airline or transportation industry
• Experience with AI/ML, building algorithms, or technical design and implementation of automated solutions

Post expiration date: 8/4/2025