Intro
Are you ready to explore a world of possibilities, both at work and during your time off? Join our American Airlines family, and you'll travel the world, grow your expertise and become the best version of you. As you embark on a new journey, you'll tackle challenges with flexibility and grace, learning new skills and advancing your career while having the time of your life. Feel free to enrich both your personal and work life and hop on board!
Why you'll love this job
This job is a member of the Cybersecurity and Technology Risk Management team, within the Information Technology Division. The primary mission of Cybersecurity and Technology Risk Management is to increase American's resiliency to Cyber Material Loss Scenarios. These include, but are not limited to, disruption of Operational Delivery and Fleet, Customer Data Disclosure, and Reliance on Third Parties.
The CIR (Cyber Security Incident Response) Sr. Engineer is responsible for building and supporting the underlying technologies that support the CIR Operations groups, as well as producing architecture, enforcing process governance, mentoring, and shepherding teams seeking regulatory compliance. These technologies include TIP, SOAR, SIEM, EDR, and many other detection and incident response technologies. This role will rely heavily on mature scripting and automation skill sets.
What you'll do
As noted above, this list is intended to reflect the current job but there may be additional essential functions (and certainly non-essential job functions) that are not referenced. Management will modify the job or require other tasks be performed whenever it is deemed appropriate to do so, observing, of course, any legal obligations including any collective bargaining obligations.
Manage or assist in the management of the CIR event and information platform
Develop playbook and process automation utilizing the SOAR technologies
Aid in the management of alerts and configurations of technologies that CIR relies on (IDS/IPS, Email Security technologies, Firewalls, etc.)
Help with the ingestion of threat intel into the appropriate tools and groups
Assist in the tuning of alerts generated from all Cybersecurity tooling
Support and maintain the endpoint detection and response tooling
Aid in ingestion of asset data into the functions and systems of the CIR
Assist in tool management during an immediate incident (24/7)
Maintain and monitor platforms to ensure 24/7 readiness and operability of CIRE services
Present technical documentation to enterprise architecture and standardization boards
Create processes that enable non-security-minded teams to achieve regulatory compliance
Consistently work with CIR and Application team in an iterative fashion to ensure that all security events are monitored, complete, and accounted for.
All you'll need for success
Minimum Qualifications - Education & Prior Job Experience
Bachelor's Degree in Computer Science, Information Systems, Engineering, Technology, or related field or equivalent experience/training
4 years of Information Technology related experience
4 years of building and using APIs
4 years of networking experience
4 years Windows/Linux experience
3 years of big data platforms experience
4 years of Security or SecOps experience
Preferred Qualifications - Education & Prior Job Experience
Information Systems, Engineering, Technology, or related field or equivalent experience/training
Cloud experience (IBM and/or Azure)
Implementation of Performance Monitoring Tools
Scripting experience
Data Engineering experience
Skills, Licenses & Certifications
Information Security Certification
Security+, CISSP
Ability to script in languages like Python or JavaScript
Knowledge of how to use webhooks and APIs
Knowledge of Linux/Unix, PowerShell, Basic Windows Administration, Git
Knowledge of Security Concepts, MITRE ATT&CK Framework, PCI Compliance Requirements
Knowledge of Networking concepts, services, and protocols
Knowledge of basic cloud security controls and architecture
Knowledge of SIEM, EDR, SOAR Platforms, Big Data Platforms
Understanding of the OSI model
Experience with Agile methodologies and tools
Ability to work independently and effectively cooperate with others
A solid understanding of networking, cyber security concepts, vulnerability identification and cyber threat intelligence is necessary
Excellent communication skills, including the ability to provide formal documentation of analysis and/or research results, to include briefings, reports, writing, training of lower-level analysts, and editing at a technical/professional level
What you'll get
Feel free to take advantage of all that American Airlines has to offer:
Travel Perks: Ready to explore the world? You, your family and your friends can reach 365 destinations on more than 6,800 daily flights across our global network.
Health Benefits: On day one, you'll have access to your health, dental, prescription and vision benefits to help you stay well. And that's just the start: we also offer virtual doctor visits, flexible spending accounts and more.
Wellness Programs: We want you to be the best version of yourself - that's why our wellness programs provide you with all the right tools, resources and support you need.
401(k) Program: Available upon hire and, depending on the workgroup, employer contributions to your 401(k) program are available after one year.
Additional Benefits: Other great benefits include our Employee Assistance Program, pet insurance and discounts on hotels, cars, cruises and more.
Feel free to be yourself at American
From the team members we hire to the customers we serve, inclusion and diversity are the foundation of the dynamic workforce at American Airlines. Our 20+ Employee Business Resource Groups are focused on connecting our team members to our customers, suppliers, communities and shareholders, helping team members reach their full potential and creating an inclusive work environment to meet and exceed the needs of our diverse world.
Are you ready to feel a tremendous sense of pride and satisfaction as you do your part to keep the largest airline in the world running smoothly as we care for people on life's journey? Feel free to be yourself at American.
EQUAL EMPLOYMENT OPPORTUNITY/ AFFIRMATIVE ACTION POLICY
American Airlines maintains a continuing policy of nondiscrimination in employment. It is our policy to provide equal opportunity and access for all persons, without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, or status as a disabled veteran or other protected veteran, in all phases of the employment process and in compliance with applicable federal, state, and local laws and regulations. This policy of nondiscrimination shall include, but not be limited to, the following employment decisions and practices: hiring; upgrading; promotions; demotions or transfers; layoffs; recalls; terminations; rates of pay or other forms of compensation; selection for training, including apprenticeship; and recruitment or recruitment advertising.