Senior Engineer – Application Security chez United Airlines Business Services Pvt. Ltd

We are seeking a skilled Engineer Application Security resource to help us develop solutions to automate the security compliance operation, improve application security posture management, and drive for shift-left security to reduce the vulnerabilities. The ideal candidate will have experience with application development and CI/CD pipelines, sufficient background in AWS cloud, and strong cybersecurity and tooling knowledges.

Job overview and responsibilities

• Implement efficient code to turn design into working solutions at high quality.
• Develop pipeline templates, software components or tools to help developers to avoid introducing security vulnerabilities into applications.
• Work closely with security standard owners, security architects and engineers, business/stakeholders to define requirements and design technical solutions to automate security control validation
• Create and document standard of operations, procedures, guidelines, or knowledge materials for optimize execution and knowledge sharing. 
• Identify areas for enhancements in existing programs and subsequently developing the enhancements. Test and evaluate new programs.
• Maintain and upgrade existing systems. Continuously identify opportunities for improvement.

This position is offered on local terms and conditions.  Expatriate assignments and sponsorship for employment visas, even on a time-limited visa status, will not be awarded. This position is for United Airlines Business Services Pvt. Ltd - a wholly owned subsidiary of United Airlines Inc.

What’s needed to succeed (Minimum Qualifications):

• Bachelor's degree in computer science, engineering, information system or related field
• 4 years of solid experience in developing applications using CI/CD pipeline in cloud environment
• Proficiency in Python programming for automation and scripting
• Demonstrated experience with additional programing languages (e.g., Java, .NET, JavaScript) and shell scripting (Bash/PowerShell)
• Hands-on experience with AWS core services, including EC2, S3, Lambda, CloudWatch, and DynamoDB
• Track record of delivering high-quality code and applications within project timelines 
• Experience working with CI/CD pipelines, DevSecOps practices, and configuration management tools in multi-account environments
• Familiarity with Harness or GitHub Actions for integrating security into development workflowsSolid understanding of application principles, including OWASP Top 10 security risks, SSDLC, and mitigation strategies 
• Experience with security scanning tools such as Veracode, Snyk, or similar platforms

• Working knowledge of cybersecurity best practices and compliance standards

• Strong problem-solving and troubleshooting skills 

• Strong communication skills, both verbal and written

• Collaborative mindset with positive team spirit and relationship building

• · ·       Strong communication skills, both verbal and written

What will help you propel from the pack (Preferred Qualifications):

• 3 years of coding experience with JavaScript, Java, .Net 
• AWS Cloud Practitioner or equivalent
• CSSLP