Analyst - Identity & Access Management

Description

Achieving our goals starts with supporting yours. Grow your career, access top-tier health and wellness benefits, build lasting connections with your team and our customers, and travel the world using our extensive route network.

Come join us to create what's next. Let's define tomorrow, together.

United's Digital Technology team is comprised of many talented individuals all working together with cutting-edge technology to build the best airline in the history of aviation. Our team designs, develops and maintains massively scaling technology solutions brought to life with innovative architectures, data analytics, and digital solutions.

The Analyst - Identity & Access Management (IAM) plays a critical role in analyzing, strengthening, and securing the company's IAM systems and overall security posture. This position focuses on proactive analysis, collaboration across teams, and supporting compliance efforts to continuously improve the organization's security landscape.

The Analyst - Identity & Access Management (IAM) will be performing analysis of IAM systems to identify vulnerabilities, inefficiencies, and areas for improvement as well as proactively recommend and implement strategies to enhance security, streamline processes, and ensure optimal system functionality. They will work closely with development teams, IT security professionals, and other stakeholders to integrate secure identity solutions throughout the product lifecycle and foster open communication and collaboration to ensure successful IAM implementation and adoption across the organization.

The role also actively participates in compliance efforts by ensuring IAM systems adhere to relevant regulations and internal policies, while also conducting regular audits and assessments to identify and address potential compliance gaps. The ideal analyst will continuously stay abreast of evolving IAM best practices, industry standards, and emerging threats. Adapt and implement new technologies and processes to maintain a robust and secure IAM environment.

• Assists in analysis and requirements gathering for the implementation and administration of IAM platforms across United's workforce
• Support workforce access management solutions (requirements capture and sign off for functional, technical, and user experience features, collaboration with engineering through an Agile SDLC process, test acceptance, documentation and communication)
• Ensure IAM solutions adhere to regulatory, compliance, and internal requirements
• Assist in the maintenance of IAM policies, standards, and procedures
• Champion IAM best practices and the adoption of Cybersecurity & Digital Risk authentication and authorization standards
• Ensure IAM security design and user experience is aligned with the overall security strategy to reduce risk to the organization
• Prepare and present reports on workforce IAM key initiatives, OKRs, KPIs, compliance status, audit findings, and risk assessments to management and other stakeholders.
• Collaborate with development teams and other IAM service consumers
• Develop business requirements design and functional requirements documents for the implementation and usage of IAM capabilities in enterprise systems
• Collaborate with other IAM team members on IAM related matters and contributing to enhanced workforce security and experiences

• Bachelor's degree
• 3+ years of relevant experience
• An understanding of modern authentication and authorization protocols and concepts, such as OIDC, SAML, SSO, MFA, OpenID
• Knowledge of identity proofing and identity verification technologies, adaptive risk-based authorization, and Zero Trust concepts
• Understanding of policies that reflect system security objectives
• Ability to determine how a security system works (including its resilience and dependability capabilities) and how changes in conditions, operations, or the environment will affect these outcomes
• Experience with at least one of these area specific tools:
  Microsoft Entra, Okta, Duo, Oracle Access Manager, SailPoint, Saviynt
• Must be legally authorized to work in the United States for any employer without sponsorship
• Successful completion of interview required to meet job qualification
• Reliable, punctual attendance is an essential function of the position

• STEM, Cybersecurity, Risk Management, Computer Science
• CompTIA Security+, ISC2 Certified in Cybersecurity (CC), ISC2 Security Certified Practitioner (SSCP)
• 4+ years of relevant experience
• Understanding of the NIST Cybersecurity Framework
• Knowledge of compliance regulations (SOX, PCI, FAA, DFARS, PII)
• Prior experience with large-scale Identity transformation projects or leading requirements gathering for MFA and Passwordless implementations at large global organizations
• Prior experience supporting Identity and Access management functions within the airline or transportation industry

The…