Technology Analyst - Application Security
Southwest Airlines
Dallas, Texas
Job Description
Department: Technology
Our Company Promise
We are committed to provide our Employees a stable work environment with equal opportunity for learning and personal growth. Creativity and innovation are encouraged for improving the effectiveness of Southwest Airlines. Above all, Employees will be provided the same concern, respect, and caring attitude within the organization that they are expected to share externally with every Southwest Customer.
Job Description:
The People of Southwest Airlines come together to deliver on our Purpose, which is to connect People to what’s important in their lives through friendly, reliable, and low-cost air travel. This Technology Analyst invests in the future of Southwest’s People in their work across IT infrastructure, DevOps, and Cybersecurity to scale infrastructure security. This role will be part of the Cybersecurity Vulnerability Management Team, and they’ll partner with external threat research partners to communicate vulnerabilities and ensure remediation outcomes. Remediation may include expanding our toolsets, automating capabilities, and integrating into the continuous integration and continuous deployment (CI/CD) pipeline. This Analyst proposes change and process improvements by challenging the status-quo and brainstorming innovative ideas in this space. The Technology Analyst is excited to learn and grow in their expertise each day and have the opportunity to drive the future of Southwest Airlines.
Additional details:
This role is offered as a remote workplace position, which may require travel for trainings , meetings, conferences, etc. Outside of those required visits, the majority of your working time may be spent in a remote location, away from our Corporate Campus. Please note, while this is a remote position, there is limited group of states or localities ineligible for Employees to regularly perform their work off-site. Those ineligible locations are: Alaska, Delaware, New Jersey, North Dakota, South Dakota, Vermont, West Virginia, and Wyoming.
U.S. citizenship or current authorization to work in the U.S. is required, and no current or future work authorization sponsorship available.
Southwest Airlines is an Equal Opportunity Employer. We continue to look for opportunities to reflect the communities we serve, and welcome applicants with diverse thoughts, backgrounds, and experiences.
Job Summary
Conduct needs analysis to create quality solutions. Ensure solutions are aligned with stated requirements and comply with departmental standards. Manage activities to ensure solutions are delivered on-time and within budget. Serve as a resource to ensure effective communications to customers or key stakeholders.
Responsibilities
Apply knowledge and skills of analysis, business processes, tools, domains, project methodologies, requirements definitions, and testing to solve a range of problems.
Performing vulnerability assessments on SouthWest’s internal and external systems. This includes the 3rd party developed and supported systems present within the environment.
Execute Network, Server, Database and application assessments as a daily activity.
Candidate would be serving internal customers by advising and providing expert guidance on remediation strategies for identified vulnerabilities.
Partner with other Technology Team members to provide advice or solutions within his or her area of expertise
Stay informed about current developments within his or her expertise
Identify strengths and weaknesses of alternative solutions, conclusions, or approaches to problems
Estimate effort and value for solutions
Apply business solutions with broad level knowledge about technology platforms/architectures
Verify information and carefully review and check the accuracy of own work using dependency identification processes in technology work
Establish or follow prioritization process to drive work, completing work with a sense of urgency
Express ideas, business or technical requirements clearly and concisely in writing using appropriate levels of summary and synthesis
Monitor program risks, issues, and scope proactively, ensuring the appropriate level of priority, visibility and escalation
May perform other job duties as directed by Employee's Leaders
Knowledge, Skills and Abilities
Programming experience with one or more of the following Java/J2EE, .NET, Python, JavaScript, NodeJS, GO, etc.
Understanding of the OWASP Top 10.
Experience with Application Security Vulnerability Testing Tools (Fortify, Veracode, Synopsys, WhiteSource, Netsparker, Invicti, Snyk, Gitlab SAST, etc.).
Experience with Application Security Vulnerability Management Tools (ServiceNow, DefectDojo, PlexTrac, ThreadFix, etc.).
Knowledge of Threat Modeling and Threat Intelligence Tools (Bisight, RiskIQ, SecurityScorecard, RecordedFuture, CrowdStrike, RiskRecon, Trellix, etc.).
Proficient knowledge of technical environments
Proficient knowledge of software development methodologies
Skilled in partnering, communication, and negotiation in working with various Teams and/or external partners
Ability to analyze medium to large Business or technical problems, articulating the problem or root cause, and translating the analysis into viable solution recommendations
Ability to work effectively in a strong Customer service/team oriented environment
Ability to research, create, and document requirements, processes, and technical specifications
Ability to manage and prioritize effectively multiple and widely varied work streams/tasks
Ability to take on multiple assignments, whether administrative or project related, while maintaining a successful level of completion in all responsible work; able to mentor others to do the same
Ability to teach and mentor others concerning technical and business subjects
Education
Required: High School Diploma or GED
Required: Bachelor's degree in Business, Engineering, Computer Science, or Information Systems, or related field; or equivalent formal training
Experience
Required: Intermediate-level experience, fully functioning broad knowledge in information technology (IT) operations, programming, systems/software development or another IT related field
Preferred: Experience in Agile full-stack web or mobile application development
Preferred: Programming experience with one or more of the following: Java/J2EE, .NET, Python, JavaScript, NodeJS, GO, etc.
Preferred: Experience with Application Security Vulnerability Testing Tools (Fortify, Veracode, Synopsys, WhiteSource, Netsparker, Invicti, Snyk, Gitlab SAST, etc.) and/or Management Tools (ServiceNow, DefectDojo, PlexTrac, ThreadFix, etc.)
Preferred: Knowledge of threat modeling and threat intelligence tools (Bisight, RiskIQ, SecurityScorecard, RecordedFuture, CrowdStrike, RiskRecon, Trellix, etc.)
Preferred: Understanding of the Open Web Application Security Project (OWASP) Top 10
Licensing/Certification
N/A
Physical Abilities
Ability to perform work duties from [limited space work station/desk/office area] for extended periods of time
Ability to communicate and interact with others in the English language to meet the demands of the job
Ability to use a computer and other office productivity tools with sufficient speed and accuracy to meet the demands of the job
Other Qualifications
Must maintain a well-groomed appearance per Company appearance standards as described in established guidelines
Must be a U.S. citizen or have authorization to work in the United States as defined by the Immigration Reform Act of 1986
Must be at least 18 years of age
Must be able to comply with Company attendance standards as described in established guidelines
Limited travel with potential for increased/decreased travel based upon Technology Department needs
Competitive market salary from $98,000 per year to $108,600 per year* depending on qualifications and experience. For eligible Leadership and individual contributor roles, additional bonus opportunities are available and awarded at the discretion of the company.
Southwest Airlines is an Equal Opportunity Employer.
Please print/save this job description because it won't be available after you apply.
Our Company Promise
We are committed to provide our Employees a stable work environment with equal opportunity for learning and personal growth. Creativity and innovation are encouraged for improving the effectiveness of Southwest Airlines. Above all, Employees will be provided the same concern, respect, and caring attitude within the organization that they are expected to share externally with every Southwest Customer.
Job Description:
The People of Southwest Airlines come together to deliver on our Purpose, which is to connect People to what’s important in their lives through friendly, reliable, and low-cost air travel. This Technology Analyst invests in the future of Southwest’s People in their work across IT infrastructure, DevOps, and Cybersecurity to scale infrastructure security. This role will be part of the Cybersecurity Vulnerability Management Team, and they’ll partner with external threat research partners to communicate vulnerabilities and ensure remediation outcomes. Remediation may include expanding our toolsets, automating capabilities, and integrating into the continuous integration and continuous deployment (CI/CD) pipeline. This Analyst proposes change and process improvements by challenging the status-quo and brainstorming innovative ideas in this space. The Technology Analyst is excited to learn and grow in their expertise each day and have the opportunity to drive the future of Southwest Airlines.
Additional details:
This role is offered as a remote workplace position, which may require travel for trainings , meetings, conferences, etc. Outside of those required visits, the majority of your working time may be spent in a remote location, away from our Corporate Campus. Please note, while this is a remote position, there is limited group of states or localities ineligible for Employees to regularly perform their work off-site. Those ineligible locations are: Alaska, Delaware, New Jersey, North Dakota, South Dakota, Vermont, West Virginia, and Wyoming.
U.S. citizenship or current authorization to work in the U.S. is required, and no current or future work authorization sponsorship available.
Southwest Airlines is an Equal Opportunity Employer. We continue to look for opportunities to reflect the communities we serve, and welcome applicants with diverse thoughts, backgrounds, and experiences.
Job Summary
Conduct needs analysis to create quality solutions. Ensure solutions are aligned with stated requirements and comply with departmental standards. Manage activities to ensure solutions are delivered on-time and within budget. Serve as a resource to ensure effective communications to customers or key stakeholders.
Responsibilities
Apply knowledge and skills of analysis, business processes, tools, domains, project methodologies, requirements definitions, and testing to solve a range of problems.
Performing vulnerability assessments on SouthWest’s internal and external systems. This includes the 3rd party developed and supported systems present within the environment.
Execute Network, Server, Database and application assessments as a daily activity.
Candidate would be serving internal customers by advising and providing expert guidance on remediation strategies for identified vulnerabilities.
Partner with other Technology Team members to provide advice or solutions within his or her area of expertise
Stay informed about current developments within his or her expertise
Identify strengths and weaknesses of alternative solutions, conclusions, or approaches to problems
Estimate effort and value for solutions
Apply business solutions with broad level knowledge about technology platforms/architectures
Verify information and carefully review and check the accuracy of own work using dependency identification processes in technology work
Establish or follow prioritization process to drive work, completing work with a sense of urgency
Express ideas, business or technical requirements clearly and concisely in writing using appropriate levels of summary and synthesis
Monitor program risks, issues, and scope proactively, ensuring the appropriate level of priority, visibility and escalation
May perform other job duties as directed by Employee's Leaders
Knowledge, Skills and Abilities
Programming experience with one or more of the following Java/J2EE, .NET, Python, JavaScript, NodeJS, GO, etc.
Understanding of the OWASP Top 10.
Experience with Application Security Vulnerability Testing Tools (Fortify, Veracode, Synopsys, WhiteSource, Netsparker, Invicti, Snyk, Gitlab SAST, etc.).
Experience with Application Security Vulnerability Management Tools (ServiceNow, DefectDojo, PlexTrac, ThreadFix, etc.).
Knowledge of Threat Modeling and Threat Intelligence Tools (Bisight, RiskIQ, SecurityScorecard, RecordedFuture, CrowdStrike, RiskRecon, Trellix, etc.).
Proficient knowledge of technical environments
Proficient knowledge of software development methodologies
Skilled in partnering, communication, and negotiation in working with various Teams and/or external partners
Ability to analyze medium to large Business or technical problems, articulating the problem or root cause, and translating the analysis into viable solution recommendations
Ability to work effectively in a strong Customer service/team oriented environment
Ability to research, create, and document requirements, processes, and technical specifications
Ability to manage and prioritize effectively multiple and widely varied work streams/tasks
Ability to take on multiple assignments, whether administrative or project related, while maintaining a successful level of completion in all responsible work; able to mentor others to do the same
Ability to teach and mentor others concerning technical and business subjects
Education
Required: High School Diploma or GED
Required: Bachelor's degree in Business, Engineering, Computer Science, or Information Systems, or related field; or equivalent formal training
Experience
Required: Intermediate-level experience, fully functioning broad knowledge in information technology (IT) operations, programming, systems/software development or another IT related field
Preferred: Experience in Agile full-stack web or mobile application development
Preferred: Programming experience with one or more of the following: Java/J2EE, .NET, Python, JavaScript, NodeJS, GO, etc.
Preferred: Experience with Application Security Vulnerability Testing Tools (Fortify, Veracode, Synopsys, WhiteSource, Netsparker, Invicti, Snyk, Gitlab SAST, etc.) and/or Management Tools (ServiceNow, DefectDojo, PlexTrac, ThreadFix, etc.)
Preferred: Knowledge of threat modeling and threat intelligence tools (Bisight, RiskIQ, SecurityScorecard, RecordedFuture, CrowdStrike, RiskRecon, Trellix, etc.)
Preferred: Understanding of the Open Web Application Security Project (OWASP) Top 10
Licensing/Certification
N/A
Physical Abilities
Ability to perform work duties from [limited space work station/desk/office area] for extended periods of time
Ability to communicate and interact with others in the English language to meet the demands of the job
Ability to use a computer and other office productivity tools with sufficient speed and accuracy to meet the demands of the job
Other Qualifications
Must maintain a well-groomed appearance per Company appearance standards as described in established guidelines
Must be a U.S. citizen or have authorization to work in the United States as defined by the Immigration Reform Act of 1986
Must be at least 18 years of age
Must be able to comply with Company attendance standards as described in established guidelines
Limited travel with potential for increased/decreased travel based upon Technology Department needs
Competitive market salary from $98,000 per year to $108,600 per year* depending on qualifications and experience. For eligible Leadership and individual contributor roles, additional bonus opportunities are available and awarded at the discretion of the company.
- Pay amount does not guarantee employment for any particular period of time.
- 401(k) match contributions are subject to the plan’s vesting schedule and applicable IRS limits
Southwest Airlines is an Equal Opportunity Employer.
Please print/save this job description because it won't be available after you apply.