23 days old

Engineer/Senior Engineer, IT Platform Security

American Airlines
Fort Worth, TX 76102

Location: DFW Headquarters Building 8 (DFW-SV08) 
Additional Locations: None
Requisition ID: 34009 

Intro

Are you ready to explore a world of possibilities, both at work and during your time off? Join our American Airlines family, and you’ll travel the world, grow your expertise and become the best version of you. As you embark on a new journey, you’ll tackle challenges with flexibility and grace, learning new skills and advancing your career while having the time of your life. Feel free to enrich both your personal and work life and hop on board!

Why you'll love this job
  • This job is a member of the Network Tools and Assessment Team, within the Information Technology Division.
  • The Engineer/Sr Engineer , IT Application Security will responsible for identifying critical security risks to the company’s applications and data. This role will allow for effective and efficient targeted remediation of insecure applications/systems and increase security posture and decrease probability of AA data loss/breaches.
What you'll do
  • Uses Static and Dynamic Analysis tools to support broad testing and vulnerability discovery.
  • Evaluates applications for security flaws by performing fuzzing, access/authorization bypass, business logic abuse and intentional fault injection.
  • Reviews application architectures and implementation details for design flaws, incorrect security implementation and missing security controls.
  • Works with other security team members to research and test for complex security issues.
  • Consults with Software Engineers, Infrastructure Architects and Security Architects to correct application, architectural or environment flaws.
  • Validates external security researcher bug bounty submissions.
  • Works closely with service providers and external security support resources to schedule, track and manage security testing efforts.
  • Creates and/or maintains threat models to communicate risks to engineers, project managers and other technical personnel.
  • Ensures applications are built according to enterprise security standards.
  • Works with development teams to review application source code for security and operational risks.
  • Performs manual code reviews of applications that are not compatible with automated SAST tools.
  • Provides detailed security documentation to developers, software engineers and technical personnel when necessary.
  • Provides guidance and recommendation to software architects and engineers on how to correct code related security flaws.
  • Participates in peer reviews of security assessments created by other team members.
  • Maintains the enterprise SSDLC standard.
All you'll need for success

Minimum Qualifications- Education & Prior Job Experience

  • Bachelor’s degree in Computer Science, Computer Engineering, Technology, Information Systems (CIS/MIS), Engineering or related technical discipline, or equivalent experience/training
  • 2 years of experience working as a frontend or backend software developer
  • Experience as a developer on a team consisting of five or more software developers
  • Expert level knowledge of at least one compiled programming language
  • Expert level knowledge of at least one interpreted programming language
  • Ability to write a software specification
  • Ability to conduct independent research
  • Broad understanding of web service implementation paradigms (REST, SOAP)
  • Familiarity with OWASP and the San’s Top 25

Preferred Qualifications- Education & Prior Job Experience

  • Expert level knowledge static analysis tools and methods
  • Expert level knowledge of dynamic analysis tools and methods
  • Advanced knowledge software engineering concepts: design principles and design methods (Scrum, XP, Lean, Waterfall)
  • Strong understanding of common cryptographic algorithms and libraries
  • Experience with mobile application development on Android or iOS
  • 2+ years working as full stack software developer
  • 1+ years working in a software QA role
All you'll need for success (Continued)

Skills, Licenses & Certifications

  • Basic understanding of Cryptography concepts: hashing, signing, symmetric/asymmetric encryption and decryption
  • Basic understanding of network security concepts: DOS, DNS Spoofing, ARP Poisoning, Reverse Shells, Firewalls,
  • Basic understanding of defensive programming and test-driven development
  • Knows how to perform common application exploits: XSS, SQL Injection, UI Redressing, Directory Browsing, Log Forging
  • Basic understanding microservice application architecture, software cohesion and software coupling
  • Comfortable learning new programming languages as needed to conduct code reviews
  • Comfortable with the following tools and technologies: Git, SoapUI, Jenkins, Artifactory, SonarQube, FindBugs, Docker, Coverity
What you'll get

Feel free to take advantage of all that American Airlines has to offer: 

  • Travel Perks: Ready to explore the world? You, your family and your friends can reach 365 destinations on more than 6,800 daily flights across our global network.
  • Health Benefits: On day one, you’ll have access to your health, dental, prescription and vision benefits to help you stay well. And that’s just the start, we also offer virtual doctor visits, flexible spending accounts and more. 
  • Wellness Programs: We want you to be the best version of yourself – that’s why our wellness programs provide you with all the right tools, resources and support you need.
  • 401(k) Program: Available upon hire and, depending on the workgroup, employer contributions to your 401(k) program are available after one year.
  • Additional Benefits: Other great benefits include our Employee Assistance Program, pet insurance and discounts on hotels, cars, cruises and more
Feel Free to be yourself at American

From the team members we hire to the customers we serve, inclusion and diversity are the foundation of the dynamic workforce at American Airlines. Our 20+ Employee Business Resource Groups are focused on connecting our team members to our customers, suppliers, communities and shareholders, helping team members reach their full potential and creating an inclusive work environment to meet and exceed the needs of our diverse world.

Are you ready to feel a tremendous sense of pride and satisfaction as you do your part to keep the largest airline in the world running smoothly as we care for people on life’s journey? Feel free to be yourself at American.

Additional Locations: None
Requisition ID: 34009 

Categories

Posted: 2019-10-26 Expires: 2019-11-25

Before you go...

Our free job seeker tools include alerts for new jobs, saving your favorites, optimized job matching, and more! Just enter your email below.

Share this job:

Engineer/Senior Engineer, IT Platform Security

American Airlines
Fort Worth, TX 76102

Join us to start saving your Favorite Jobs!

Sign In Create Account
Powered ByCareerCast