American Airlines is a leading airline company that offers a world of possibilities for its employees. The Analyst-Risk role within the American Airlines Credit Union is responsible for providing operational support for the Information Security Department, overseeing governance and compliance aspects of the Patch and Vulnerability Management program, and ensuring the organization's security posture remains robust and compliant with industry standards.
Develop and maintain dashboards and reports to provide visibility into the PVM program's effectiveness and areas for improvement.
Facilitate governance and steering committee meetings related to vulnerability management, ensuring alignment with organizational objectives and regulatory requirements
Track aging vulnerabilities and coordinate with relevant teams to ensure timely remediation, escalating issues as necessary
Assist in developing and enforcing policies, standards, and procedures related to patch and vulnerability management
Assist in risk-ranking vulnerabilities and prioritizing level of urgency appropriately
Stay informed about emerging threats, vulnerabilities, and regulatory changes that may impact the organization's security posture
Support audits and assessments by providing necessary documentation and evidence of compliance with security frameworks such as PCI, NCUA, FFIEC, and others
Audit and monitor production system logs for unauthorized transactions and intrusions
Assist in performing security risk assessments and disaster recovery/business continuity planning
Provide analysis and recommendations for information security configuration to IT Project Managers
Perform administrative functions to complete required tasks including recording issues into tracking system, checking voicemail/email, and documenting processes and issues
Promote security awareness programs within the company (i.e. phishing and employee engagement in the program)
Provide detailed verbal and written communication to management and peers
Ensure optimal use of vulnerability detection, anti-virus, malware, protection, and anomaly reporting software
Collaborate and maintain relationships with various departments across the organization
Work tickets in the servicing queue, routing them to the appropriate team for follow-up if necessary
Perform other duties, as assigned
The selected candidate will be responsible for ensuring the security and confidentiality of all account and related information which is part of their work and for ensuring that his/her work is in compliance with all applicable laws and regulations including, but not limited to, the Bank Secrecy Act.
Qualification
Required
High school diploma or equivalency required
Bachelor’s degree in computer science, management information systems or related field, or two years of equivalent progressive experience
Experience in risk assessment, compliance, or governance within an information security context
Familiarity with patch and vulnerability management processes and tools
Skilled in Microsoft Office software (e.g., Word, Excel, Access, PowerPoint) gained through either work experience with the software or education and hands-on use of the software
Knowledge of industry best practices including ISO 17799/13335, NIST, COBIT, SANS, etc.
Knowledge in developing, implementing and communicating security policies, standards, guidelines and procedures
Ability to demonstrate excellent communications skills, both oral and written, with a variety of end users possessing a range of technological skills
Ability to perform in a fast-paced environment, handle multiple tasks and function as an integral part of a team
Ability to manage competing priorities and meet deadlines
Ability to be on-call 24/7 and willingness to work flexible shifts
Ability to demonstrate information security concepts
Ability to maintain satisfactory performance and attendance
Ability to pass applicable American Airlines and Credit Union pre-hire compliance checks
Preferred
Industry certification such as; CISSP, MCITP, CISA, or GIAC
Experience as a subject matter expert in at least two technology-related disciplines; patch management, intrusion detection, antivirus, data loss protection, access controls, perimeter security, internet filtering, LDAP systems, Active Directory, Exchange, MS SQL, etc
Benefits
Travel Perks: Ready to explore the world? You, your family and your friends can reach 365 destinations on more than 6,800 daily flights across our global network.
Health Benefits: On day one, you’ll have access to your health, dental, prescription and vision benefits to help you stay well. And that’s just the start, we also offer virtual doctor visits, flexible spending accounts and more.
Wellness Programs: We want you to be the best version of yourself – that’s why our wellness programs provide you with all the right tools, resources and support you need.
401(k) Program: Available upon hire and, depending on the workgroup, employer contributions to your 401(k) program are available after one year.
Additional Benefits: Other great benefits include our Employee Assistance Program, pet insurance and discounts on hotels, cars, cruises and more
American Airlines is an airline company that operates a diverse fleet of aircraft, including narrow-body and wide-body jets. It is a sub-organization of American Airlines.
Glassdoor
3.7
Founded in 1930
Fort Worth, Texas, USA
10001+ employees
http://aa.com
American Airlines is an airline company that operates a diverse fleet of aircraft, including narrow-body and wide-body jets. It is a sub-organization of American Airlines.
