Job Overview
Employment Type
Full-time
Compensation
Salary
Range $92,900.00 - $134,000.00
Work Schedule
Flexible
Benefits
Travel perks
health benefits
wellness programs
401(k) program
Employee assistance program
Pet insurance
Discounts on hotels, cars, cruises
Job Description
American Airlines is the largest airline in the world, renowned for its extensive global network, exceptional customer service, and commitment to innovation and safety. As a leader in the aviation industry, American Airlines operates more than 6,800 daily flights to 365 destinations worldwide. The company prides itself on fostering a dynamic and inclusive work environment where employees can grow their expertise, explore global opportunities, and make meaningful contributions to the company’s success while maintaining a healthy work-life balance. American Airlines values diversity and inclusion, supporting over 20 Employee Business Resource Groups that help team members connect with customers, suppliers, communities, and shareholders to reach their full potential. This commitment creates a collaborative, innovative, and supportive workplace for all employees.
The role within American Airlines is a vital position on the Information Technology team, focusing on cybersecurity within the aviation sector. As part of the Cybersecurity Aviation team, this role is responsible for protecting the digital aircraft and associated systems by ensuring the confidentiality, integrity, and availability of data across various platforms and networks. The position requires close collaboration with internal departments such as Avionics Engineering, Cabin Experience, Maintenance Technology, Government Affairs, Corporate Security, and Corporate Safety. It also involves coordination with external aviation cybersecurity industry partners to stay abreast of the latest trends, threats, and regulations affecting aviation cybersecurity.
This cybersecurity role entails leveraging deep technical expertise to design and implement secure solutions that align with industry standards and government regulations, including those from the Federal Aviation Administration (FAA). The successful candidate will lead efforts in risk analysis, mitigation strategies, incident response involving aviation technologies, and vulnerability management. The role demands strong communication skills and interpersonal abilities to build and maintain relationships within the organization and with external stakeholders.
The candidate will also be responsible for supporting compliance and regulatory activities, providing internal security consultation for digital aircraft and ground systems, and delivering key artifacts to support system review, software development, and quality assurance. There is an emphasis on continuous improvement and effective problem-solving, with occasional requirements for extended work hours and planned travel to meet organizational needs.
This position requires a minimum of a bachelor’s degree in Information Technology, IT Security, Network Systems Technology, or a related field, combined with at least five years of experience in security technology design and network, server, and application systems development. Preferred qualifications include expertise in Public Key Infrastructure (PKI), Identity and Access Management (IAM) solutions, Network Security, VPN solutions, and familiarity with NIST 800 series cybersecurity frameworks. Certifications such as CISSP, CISM, CISA, CEH, or relevant GIAC and Microsoft/Azure security certifications are highly desirable.
Beyond technical skills, candidates must possess a strong understanding of airworthiness cybersecurity concepts, regulatory compliance, aviation cybersecurity standards, and the ability to conduct risk assessments and vulnerability testing. Experience in virtualization technologies, cloud security, incident response, and collaboration with cross-functional teams is essential.
American Airlines offers an excellent benefits package, including travel perks, health and wellness programs, 401(k) plans with employer contributions, and additional benefits such as employee assistance programs and various discounts. This role is ideal for cybersecurity professionals eager to work at the intersection of technology and aviation while contributing to the safety and security of one of the world’s most respected airlines. Join American Airlines and embark on a rewarding career that offers professional growth, global travel opportunities, and the chance to be part of a supportive, innovative team dedicated to excellence.
The role within American Airlines is a vital position on the Information Technology team, focusing on cybersecurity within the aviation sector. As part of the Cybersecurity Aviation team, this role is responsible for protecting the digital aircraft and associated systems by ensuring the confidentiality, integrity, and availability of data across various platforms and networks. The position requires close collaboration with internal departments such as Avionics Engineering, Cabin Experience, Maintenance Technology, Government Affairs, Corporate Security, and Corporate Safety. It also involves coordination with external aviation cybersecurity industry partners to stay abreast of the latest trends, threats, and regulations affecting aviation cybersecurity.
This cybersecurity role entails leveraging deep technical expertise to design and implement secure solutions that align with industry standards and government regulations, including those from the Federal Aviation Administration (FAA). The successful candidate will lead efforts in risk analysis, mitigation strategies, incident response involving aviation technologies, and vulnerability management. The role demands strong communication skills and interpersonal abilities to build and maintain relationships within the organization and with external stakeholders.
The candidate will also be responsible for supporting compliance and regulatory activities, providing internal security consultation for digital aircraft and ground systems, and delivering key artifacts to support system review, software development, and quality assurance. There is an emphasis on continuous improvement and effective problem-solving, with occasional requirements for extended work hours and planned travel to meet organizational needs.
This position requires a minimum of a bachelor’s degree in Information Technology, IT Security, Network Systems Technology, or a related field, combined with at least five years of experience in security technology design and network, server, and application systems development. Preferred qualifications include expertise in Public Key Infrastructure (PKI), Identity and Access Management (IAM) solutions, Network Security, VPN solutions, and familiarity with NIST 800 series cybersecurity frameworks. Certifications such as CISSP, CISM, CISA, CEH, or relevant GIAC and Microsoft/Azure security certifications are highly desirable.
Beyond technical skills, candidates must possess a strong understanding of airworthiness cybersecurity concepts, regulatory compliance, aviation cybersecurity standards, and the ability to conduct risk assessments and vulnerability testing. Experience in virtualization technologies, cloud security, incident response, and collaboration with cross-functional teams is essential.
American Airlines offers an excellent benefits package, including travel perks, health and wellness programs, 401(k) plans with employer contributions, and additional benefits such as employee assistance programs and various discounts. This role is ideal for cybersecurity professionals eager to work at the intersection of technology and aviation while contributing to the safety and security of one of the world’s most respected airlines. Join American Airlines and embark on a rewarding career that offers professional growth, global travel opportunities, and the chance to be part of a supportive, innovative team dedicated to excellence.
Job Requirements
- Bachelor's degree in information technology, IT security, network systems technology or related technical discipline, or equivalent experience/training
- 5 years of experience in security technology design
- 5 years of network, server, and application systems development experience
- Understanding of airworthiness cybersecurity concepts including regulatory compliance and governance norms
- Familiarity with industry standards development and governing bodies (e.g., RTCA, IATA, ARINC, FAA) in relation to aviation cybersecurity
- Ability to perform vulnerability testing, risk analyses and security assessments
- Ability to coordinate security reviews with TechOps, Avionics Engineering, EFB Engineering and Connectivity teams
- Experience collaborating successfully with project managers, engineers, architects, administrators, and customers to deliver projects on time and within budget
Job Qualifications
- Bachelor's degree in Information Technology, IT Security, Network Systems Technology or related technical discipline, or equivalent experience/training
- 5 years of experience in security technology design
- 5 years of network, server, and application systems development experience
- 5 years designing, deploying, and managing PKI and cryptographic solutions
- 5 years hands-on experience with Identity and Access solutions
- 3 years experience on Network Security and VPN solutions
- 4+ years’ experience in NIST 800 series frameworks
- Application coding and scripting via Python, SQL, BASH, or PowerShell
- CISSP certification
- CISM certification
- CISA certification
- CEH certification
- GIAC aviation-aligned certifications such as GCIA, GCFA, GMON, GCTI
- Microsoft/Azure security certifications (AZ-500, SC-100)
- Zero Trust-related GIAC certifications (GDAT)
- Understanding of airworthiness cybersecurity concepts including regulatory compliance and governance norms
- Familiarity with industry standards development and governing bodies (e.g., RTCA, IATA, ARINC, and FAA) in relation to aviation cybersecurity
- Experience analyzing cybersecurity for avionics, ground systems, networks, tooling, 3rd parties, and other aviation-adjacent systems
- Awareness of aviation cyber threat vectors (airborne software manipulation, GPS spoofing, ADS-B misuse, datalink manipulation, avionics tampering)
- Experience working alongside SIEM platforms (Microsoft Sentinel, Splunk) for log collection, enrichment, detection engineering, or triage
- Familiarity with UEBA, anomaly detection, KQL, Sigma-to-KQL translation
- Understanding of Public Key Infrastructure (PKI) concepts as used in aviation contexts including X.509, OCSP, CRL, certificate chain validation
- Awareness of cryptographic workflows for loadable software parts, avionics signing, or aircraft-to-ground authentication
- Experience integrating certificate-based identity into network security or Zero Trust architectures
- Familiar with NIST Special Publications (e.g., 800-171, 800-30)
- Ability to perform vulnerability testing, risk analyses and security assessments
- Knowledge of secure integration of cybersecurity into the aircraft software lifecycle including maintenance workflows and part-loading processes
- Ability to coordinate security reviews with TechOps, Avionics Engineering, EFB Engineering, and Connectivity teams
- Familiarity with aircraft operational telemetry, uptime considerations, and failure-mode assessment
- Ability to support aviation-specific incident response including log preservation, chain-of-custody, and cross-domain triage
- Significant experience with virtualization architectures (Citrix, VMWare, Hyper-V)
- Experience collaborating successfully with project managers, engineers, architects, administrators, and customers to deliver projects on time and within budget
- Experience presenting to senior leadership including corporate architecture review boards and governance committees
- Experience with designing, developing, and integrating Active Directory Group Policy, Local Security Policy, and Windows scripts
- Knowledge of cloud technologies and risk assessment criteria (IaaS/PaaS/SaaS)
- Proficient in Agile and SDLC methodologies
Job Duties
- Leverages cybersecurity expertise to drive the technical research, planning, and architectural design of systems related to digital aircraft to ensure confidentiality, integrity, and high availability of corporate, vendor, and customer data
- Defines, develops, and delivers technical solutions, security requirements and standards that incorporate both industry and company technology standards spanning multiple security domains
- Provides internal security consultations for teams supporting digital aircraft, ground, and communication systems
- Supports standards, regulations, and compliance activities from cybersecurity perspective for FAA & other governing bodies
- Interfaces with industry counterparts like Aviation-ISAC, IATA Cybersecurity Task Force, and oneworld partners
- Assists with cyber-incidents related to AA's aviation technologies
- Delivers and maintains key artifacts and work products in support of the system review, software development, and quality assurance of airline operations
- Ensures digital aircraft systems and endpoints are scanned using Vulnerability Management tools and practices
- Coordinates with business, IT teams, and IS Risk to remediate compliance findings in a timely manner while addressing risk reduction objectives
- Demonstrates continuous improvement mindset
- Maintains an effective approach to problem solving, multi-tasking, coordinating, and scheduling in accordance with stated goals to ensure visibility and predictability
- Works extended hours occasionally, based on the needs of the project and the operation and may require travel periodically, but planned well in advance
Job Criteria
Experience
Expert Level (7+ years)
Job Location
Your Profile Is Visible To Hiring Managers Across OysterLink.
We'll match you with best jobs
Get job offers faster
Search For More Opportunities:
How Candidates Get Hired Faster
Apply to 2–3 similar roles
Complete profile & get best matches
Check new opportunities daily
