• Job Description

  Req#: R-2023-30314

  Department:

  Technology

  Our Company Promise

  
  We are committed to provide our Employees a stable work environment with equal opportunity for learning and personal growth. Creativity and innovation are encouraged for improving the effectiveness of Southwest Airlines. Above all, Employees will be provided the same concern, respect, and caring attitude within the organization that they are expected to share externally with every Southwest Customer.

  Job Description:

  All of Southwest’s People come together to deliver on our Purpose; Connecting People to what’s important in their lives through friendly, reliable, and low-cost air travel. The Senior Cybersecurity Engineer invests in our Purpose by develo ping and main taining Payment Card Industry ( PCI) Tokenization products, which ensure credit card security and compliance with PC I requirements . This role also supports authentication libraries and authorization libraries used by S outhwest application development T eams to integrate with our enterprise authentication and authorization services . The Senior Cybersecurity Engineer is detail oriented and an innovative thinker who looks forward to driving the future of cybersecurity at Southwest . Join the growing field of Cybersecurity with a focus on developing data protection, authentication, and authorization software used enterprise wide in Southwest Airlines.
  
  Additional Details:

  • This role is offered as a remote workplace position, which may require travel for trainings , meetings, conferences, etc. Outside of those required visits, the majority of your working time may be spent in a remote location, away from our Corporate Campus. Please note, while this is a remote position, there is limited group of states or localities ineligible for Employees to regularly perform their work off-site. Those ineligible locations are: Alaska, Delaware, New Jersey, North Dakota, South Dakota, Vermont, West Virginia, and Wyoming.

  Southwest Airlines is an Equal Opportunity Employer. We continue to look for opportunities to reflect the communities we serve, and welcome applicants with diverse thoughts, backgrounds, and experiences .

  • Job Summary
    • Deliver Cybersecurity solutions that protect Southwest Airlines. Work in a focused group adhering to Agile principles. Create and refresh of solutions that happen in AWS and utilize a maturing common platform. Expect a mix of Enterprise integration and platform development.
  • Responsibilities
    • Provide security guidance to application and Partner Teams to remediate security vulnerabilities, risk items, and policy exceptions
    • Deliver training for clients in use of the key Cybersecurity systems and automated environments
    • Identify Cybersecurity problems, plan solutions, recommend software and systems, and coordinate developments in an orderly manner to meet business requirements
    • Act as an agent for change to reflect the latest Cybersecurity standards and practices
    • Serve as an enterprise subject matter expert (SME) and advocate of IT Security standards and reference architectures
    • Act as a Mentor to both Co-Hearts in Cybersecurity and Partner Teams
    • Remain abreast of industry trends and develop business cases for changes
    • Lead team to find best solution and offering thought leadership while ideating and challenging group think
    • Oversee immediate response and maintenance to production program issues
    • Partner with production testers to identify defects and complete testing
    • May perform other job duties as directed by Employee's Leaders
  • Knowledge, Skills, and Abilities
    • At least 5 years of extensive software development for distributed, highly available, active/active systems (i.e. zero RTO)
    • Preferred skills in security related software - authentication, authorization, TLS, network segmentation (e.g. AWS NACLs, route tables, security groups, Kubernetes network policies)
    • Skilled in Agile best practices and continuous improvement
    • Skilled in at least one or more cloud computing technology and its concepts such as AWS
    • Skilled in infrastructure-as-code (IaC) development (Terraform, CloudFormation or similar) and automated configuration management using configuration-as-code (CaC) development (Chef, Puppet, Ansible or similar)
    • Skilled in implementing Cybersecurity specific Integration Tests providing Identity, Security Policy, and Cryptography
    • Skilled in at least one or more performance, logging and monitoring tools such as Prometheus, ELK Stack, AppD and their integration into platform tools such as AWS CloudWatch
    • Skilled in at least one or more credential management tools and solutions like AWS Secrets Manager, CyberArk or Hashicorp Vault
    • Skilled in creating parameterized build jobs for Continuous Integration of Security and environmental variables
    • Knowledge of at least one or more existing elements in value pipeline, such as PingFederate, eDirectory, Active Directory, CyberArk, or Micro Focus IDM
    • Skilled in at least two or more scripting and development languages such as Java, TypeScript, Python, Go, Rust, and Lua
    • Knowledge of Secure Proxy and/or API Gateway - Envoy Proxy, F5 APM, PingAccess, Layer 7 API Gateway, AWS API Gateway
    • Skilled in Authorization such as XACML, OPA (Open Policy Agent), or Cedar
    • Skilled in at least one or more Distributed Systems such as REST, gRPC, SOAP and CORBA
    • Skilled in Data Protection - PCI tokenization, pseudonymization, x.509 certificates, and/or mutual TLS
    • Skilled in excellent communication, collaboration, organization, problem solving, and prioritization skills
    • Familiarity with identity federation protocols - OAuth2, OIDC, SAML and WS-Federation

  • Education
    • Required: High School Diploma or GED
    • Required: Bachelor's Degree in Business, Engineering, Computer Science, Information Systems, Cybersecurity, or related field; or equivalent formal training
  • Experience
    • Required: Advanced-level experience, seasoned and specialized knowledge in developing, implementing, or integrating technologies for Enterprise security
  • Licensing/Certification
    • N/A
  • Physical Abilities
    • Ability to perform work duties from [limited space work station/desk/office area] for extended periods of time
    • Ability to communicate and interact with others in the English language to meet the demands of the job
    • Ability to use a computer and other office productivity tools with sufficient speed and accuracy to meet the demands of the job
  • Other Qualifications
    • Must maintain a well-groomed appearance per Company appearance standards as described in established guidelines
    • Must be a U.S. citizen or have authorization to work in the United States as defined by the Immigration Reform Act of 1986
    • Must be at least 18 years of age
    • Must be able to comply with Company attendance standards as described in established guidelines

  Pay & Benefits:

  Competitive market salary from $153,800 per year to $160,200 per year* depending on qualifications and experience. For eligible Leadership and individual contributor roles, additional bonus opportunities are available and awarded at the discretion of the company.

  Benefits you’ll love:

  • Fly for free, as a privilege, on any open seat on all Southwest flights (your eligible
  • dependents too)
  • Up to a 9.3% 401(k) Company match, dollar for dollar, of your eligible pay, per
  • paycheck *
  • Potential for annual ProfitSharing contribution toward retirement - when
  • Southwest profits, you profit**
  • Explore more Benefits you’ll love: https://careers.southwestair.com/benefits

  *Pay amount does not guarantee employment for any particular period of time.

  **401(k) match contributions are subject to the plan’s vesting schedule and applicable IRS limits

  ***ProfitSharing contributions are subject to plan’s vesting schedule and are made at

  Southwest Airlines is an Equal Opportunity Employer.
  Please print/save this job description because it won't be available after you apply.

• About the company

  Southwest Airlines Co., typically referred to as Southwest, is one of the major airlines of the United States and the world's largest low-cost carrier.

Notice