Cybersecurity Analyst

Department:

Our Company Promise

We are committed to provide our Employees a stable work environment with equal opportunity for learning and personal growth. Creativity and innovation are encouraged for improving the effectiveness of Southwest Airlines. Above all, Employees will be provided the same concern, respect, and caring attitude within the organization that they are expected to share externally with every Southwest Customer.

Job Description:

As a Cybersecurity Analyst supporting the Cybersecurity Governance, Risk, and Compliance (GRC) Team, you'll collaborate with work groups across the Company, including Legal, People, Marketing, and Technology, to provide deep privacy expertise, guidance, and best practices that strengthen data privacy, compliance, and governance. You'll help implement objectives tied to the NIST Privacy Framework, enable automated data discovery, classification, and risk management across multicloud environments, and support data minimization efforts that align with regulatory, legal, and business needs.

In this role, you'll take a strategic, detail oriented approach to advancing impactful initiatives that shape the future of Southwest.

Additional Details

• This role is offered as a remote workplace position, which may require travel for training, meetings, conferences, etc. Outside of those required visits, the majority of your working time may be spent in a remote location, away from our Corporate Campus. Please note, while this is a remote position, there is a limited group of states or localities ineligible for Employees to regularly perform their work.
  
  Those ineligible locations are:
  Alaska, California, Colorado, Delaware, Illinois, Iowa, Maryland, Massachusetts, Montana, New Hampshire, New Jersey, New York, North Dakota, Oregon, Pennsylvania, South Dakota, Vermont, West Virginia, Washington, Wyoming, and Puerto Rico.

• U.S. citizenship or current authorization to work in the U.S.required and no current or future work authorization sponsorship available.

We'recommitted to fair hiring practices and to making employment decisions without regard to race, color, religion, sex, sexual orientation, gender identity, gender expression, national origin, age, military or veteran status, disability, genetic information, or other legally protected characteristics.

Responsibilities

• Demonstrate advanced analytical skills across diverse cybersecurity domains, leading the identification and resolution of complex cybersecurity issues in areas such as Incident Response, Threat Intelligence, Governance, Risk, and Compliance (GRC), Privacy, Vulnerability Management, and Engineering Operations

• Lead and actively participate in high-priority incident response efforts, taking ownership of critical activities related to the identification, containment, and resolution of security incidents, and providing mentorship to junior analysts

• Drive advanced threat intelligence initiatives, including the development of threat hunting strategies, proactive identification of emerging threats, and the implementation of innovative solutions to enhance the organization's security posture

• Take a lead role in vulnerability management, overseeing and improving the vulnerability assessments and scanning processes, and providing mentorship to junior and mid-level analysts

• Architect and lead the optimization of the organization's security infrastructure, overseeing the implementation of advanced cybersecurity controls, and ensuring the organization is prepared to address evolving cyber threats

• Take a leadership role in maturing GRC initiatives, ensuring comprehensive understanding, and proactively shaping cybersecurity regulations, standards, and best practices within the organization

• Lead privacy initiatives, overseeing the implementation and enforcement of privacy controls and practices, and ensuring the protection of sensitive information in compliance with relevant regulations

• Drive the continual improvement of cybersecurity practices and resilience, staying at the forefront of industry trends and emerging technologies to shape and enhance the organization's advanced security posture

• Lead the development and execution of comprehensive cybersecurity training and awareness initiatives, tailoring programs to different audiences and providing mentorship to junior team members

• Play a key role in fostering collaboration across the organization, engaging with senior leadership, cross-functional teams, and external stakeholders, and representing the cybersecurity function at a strategic level

• May perform other job duties as directed by Employee's Leaders

Knowledge,

Skills and Abilities

• Knowledge of various cybersecurity frameworks and standards (e.g., NIST, ISO 27001) to guide security initiatives

• Knowledge of data protection and privacy regulations (e.g., GDPR, CCPA) to ensure the safeguarding of sensitive information

• Knowledge of incident response procedures and methodologies for effective response to security incidents

• Skilled in conducting…