United Airlines Senior Analyst - IT Compliance in Chicago, Illinois
We have a wide variety of career opportunities around the world — come find yours.
The United IT team designs, develops and maintains massively scaling technology solutions that are brought to life with innovative architectures, data analytics and digital solutions.
Job overview and responsibilities
This role leads the development, implementation and adherence of the enterprise IT Security Governance, Risk Management & Compliance strategy which includes, risk management, security contracts and compliance management.
Develop and nurture relationships with internal and external audit agencies to facilitate execution of third party contracts
Collaborate with key stakeholder and strategic partners to develop, document, implement and manage IT Security Governance, Risk Management & Compliance frameworks, policies, standards aligning with industry best practices
Monitor changes in legislation and compliance standards that affect IT Security Governance, Risk Management & Compliance and proactively act to update frameworks, policies, standards and best practices based on this information
Assist in the development and implementation of an enterprise IT Security Governance, Risk Management & Compliance strategy
Conduct operational and security-related control and risk assessments to ensure compliance to regulatory and statutory requirements, including industry specific guidelines, PCI DSS, SOX, HIPAA, ISO 27000, and COBIT
Implement revisions and improvements to IT Security Governance, Risk Management and Compliance controls and processes in response to testing results and/or non-compliant findings
Effectively communicate audit findings, contract status and complex security solutions to senior leadership
Develop dashboards to be used by leadership in decision making.
Subject matter expertise in the fields of IT Security Governance, Risk Management & Compliance
Strong knowledge of IT Security Governance, Risk Management & Compliance best practices, procedures and standards
Willingness to expand upon known programming skills and continually develop/learn new technical skills in support of new tools/methods
Excellent organizational and time management skills
Attention to detail
Excellent verbal, written and presentation skills
Ability to work independently and manage several simultaneous projects focus on quality results.
BS or BA degree (preferably in a management or technology related field) or any combination of equivalent education, experience, and formal training that allows the candidate to meet the requirements of the job
5 or more years of information technology experience, at least 4 of them in a relevant information security and/or risk management field required
Experience with IT and enterprise Governance, Risk Management & Compliance automation and policy/control compliance tools
Must be legally authorized to work in the United States for any employer without sponsorship
Successful completion of interview required to meet job qualification
Reliable, punctual attendance is an essential function of the position
Strong interpersonal skills, emotional intelligence, positive attitude, 5+ years of technology infrastructure experience at a large enterprise, leading without authority
MS Computer Science or MS Information Security, CISSP, CISA, CGEIT, and/or relevant SANS/GIAC certificates are preferred
Experience with one or more of the following: vulnerability scan, penetration testing, security architecture review, Data Loss Protection technology, information security policy development, PCI DSS and SOX audit
Equal Opportunity Employer – Minorities/Women/Veterans/Disabled/LGBT
Division: 47 Technology/IT
Function: Information Technology
Equal Opportunity Employer – Minorities/Women/Veterans/Disabled