Share this Job

Engineer/Senior Engineer, IT Vulnerability Management

Date: Mar 9, 2019

Location: Ft Worth, TX, US

Req ID: 25304

Location: AA Headquarters 1 (DFW-HDQ1) 
Additional Locations: None
Requisition ID: 25304 


Join us for a career with endless possibilities.

Looking for a job where a passion for innovation, a culture of teamwork, and opportunities for growth are valued and rewarded? You’ve come to the right place.


You don’t have to be an airline aficionado to join American Airlines. It takes more than cool planes to keep us ahead of the curve, and thanks to our team of behind the scenes professionals, we do just that. As the largest airline in the world, American Airlines is in the business of serving the global travel needs of our customers. At the core of the Company is our commitment to each customer and each employee. We are dedicated to developing and delivering what our customers value and are willing to pay for. Customer-centric planning, innovative marketing, and an exceptional customer experience are supported by a cadre of talented people.


What does it take to join us? We’re glad you asked! We expect exceptional skills in your discipline and a dedication to being the best as we relentlessly pursue our goal of being not just the largest airline in the world, but also the best airline in the world.


Fortunately, we’re building on almost a century of innovation and firsts in our industry – and we plan to continue that tradition of excellence.

About The Job

This job is a member of the Technology Team, within the Information Technology Division. This role provides support to the Information Security (IS) Vulnerability Management team. Additionally, this role provides strong enterprise experience towards running vulnerability analyses and recommending mitigation possibilities, and ensures that the Vulnerability Management Platform is scanning to the level appropriate to all routable nodes on the network. This service provides enterprise visibility into strategic, ongoing related incident, and high visibility vulnerabilities within the enterprise.


Specifically, you’ll do the following:

  • Performs discovery scanning via the Vulnerability Management Platform (scheduled and ad-hoc)
  • Categorizes network nodes so that further vulnerability scanning can be focused on "Enterprise" services
  • Provides gap analysis to compare the list of known resources so gaps can be investigated and owners identified
  • Identifies resource types (e.g. router, desktop computer, server, network switch, firewall, etc.), operating systems, and whether active services are "Enterprise" level
  • Provides initial research to determine the type of node and identify any applications (such as World Wide Web (WWW), File Transfer (FTP), Email (SMTP and POP3), and Name Services) running on the target system to assist in identifying the owner
  • Tracks via case management system (such as Phantom, Archer, or Cherwell) and provides a wiki-style format to capture recommendation, analysis and facts, and links to other research
  • Populates data visualization tool (such as Tableau and Hygieia) for reporting vulnerability metrics by system and owner
  • Researches vulnerabilities to determine attack vectors and possible vulnerable targets, and launches specific scans and reports for that vulnerability in Qualys and Coverity
  • Coordinates with business, IT teams, and IS Risk to remediate compliance findings in a timely manner while addressing risk reduction objectives
  • Demonstrates continuous improvement mindset
  • Maintains an effective approach to problem solving, multi-tasking, coordinating, and scheduling in accordance with stated goals to ensure visibility and predictability
  • Works extended hours occasionally, based on the needs of the project and the operation
  • Travels, as required


Required Qualifications

  • Bachelor’s degree in Computer Science, Computer Engineering, Technology, Information Systems (CIS/MIS), Engineering or related technical discipline, or equivalent experience/training
  • 3 years of hands-on technical security engineering experience
  • Ability to install, configure, troubleshoot, and administer QualysGuard, QualysWAS
  • Experience with Qualys API programming or creating custom configurations within Qualys
  • Experience with dynamic and static code analysis experience (e.g. QualysWAS, SAST tools)
  • Experience with security configuration checklists (e.g. CIS Benchmarks)
  • Familiarity with NIST Special Publications (e.g. 800-53, 800-37)
  • Familiarity with PCI DSS Compliance standards and scanning practices
  • Demonstrated experience with NIST 800-53, NIST 800-53A, NIST 800-30 and NIST 800-37

Qualifications (Continued)

Required Qualifications (Continued)

  • Ability to code and script Python, SQL, BASH, or PowerShell
  • Ability to configure and use technical assessment tools such as Tenable Nessus and Burp Suite
  • Deep understanding of the technical architecture of IT systems built using Windows, UNIX, Linux, IBM AIX, VMware, Citrix, Oracle, and MySQL platforms
  • Working knowledge of networking and security technologies such as firewalls, IDS/IPS, and load balancers
  • Working knowledge of Windows and Unix operating systems
  • Working knowledge of common database platforms
  • Ability to manage conflicting priorities and customer expectations in a fast paced operational environment
  • Ability to analyze complex problems and implement solutions and/or workarounds
  • Ability to work on multiple projects simultaneously with a keen desire to learn and expand depth of knowledge
  • Ability to thrive in a sense-of-urgency environment and leverage best practices
  • Demonstrated initiative, flexibility, and ability to adapt to changing priorities and work environments
  • Experience in DevOps Toolchain methodologies, including Continuous Integration and Continuous Deployment
  • Proficiency in  Agile project management methodology, specifically within infrastructure area
  • Proficiency in Microsoft Suite (Word, Excel, PowerPoint, Access, and Visio)


Preferred Qualifications

  • 5+ years of hands-on technical security engineering experience
  • Ability to explain technical concepts and adjust messaging based on the audience, including non-technical groups; strong presentation and technical documentation skills
  • Ability to influence through outstanding interpersonal skills, collaboration, and negotiation skills
  • Ability to work well within a team environment, as well as independently

Additional Locations: None
Requisition ID: 25304 

Nearest Major Market: Fort Worth
Nearest Secondary Market: Dallas

Job Segment: Manager, Engineer, Database, Oracle, Computer Science, Management, Engineering, Technology