Principal Architect - Digital Risk and Resilience (Remote)
Description
Connecting People. Uniting the World. There’s never been a more exciting time to join United Airlines!
As a global company that operates in hundreds of locations around the world — with millions of customers and tens of thousands of employees — we have a unique responsibility to uplift and provide opportunities in the places where we work, live and fly. We’re on a path to becoming the best airline in aviation history. Join our Cybersecurity and Digital Risk (CDR) team to help lead the industry in cyber safety, security and resilience.
Job Overview And Responsibilities
The Principal Architect – Digital Risk and Resilience is part of a Cybersecurity team that shapes how the enterprise makes risk-informed decisions across technology, operations, and the business. This role drives high-visibility, cross-functional work to integrate Digital Risk Management with partners in Cybersecurity and Digital Risk, Digital Technology, and business owners of risk, helping the enterprise identify, assess, and govern systemic digital risk across critical operational capabilities, with a focus on digital fragility, operational survivability, and safe continuity of operations when digital systems degrade or fail.
- Drive high-visibility, cross-functional work to integrate Digital Risk Management with partners in Cybersecurity and Digital Risk, Digital Technology, and business owners of risk.
- Help the enterprise identify, assess, and govern systemic digital risk across critical operational capabilities.
- Translate complex digital dependency, concentration, recoverability, and detection risks into decision-grade insight that informs resilience investments, governance priorities, and risk treatment strategies.
- Lead enterprise-level integration of Digital Risk Management with partners across Cybersecurity and Digital Risk, Digital Technology, and the business to embed risk-based decision making into planning, delivery, governance, and resilience decisions.
- Establish and evolve the enterprise resilience program by defining key resilience indicators, core resiliency capabilities, target outcomes, and implementation roadmaps, while mapping end-to-end digital dependencies for critical operational capabilities, identifying single points of failure, quantifying cross-functional coupling risk, and aligning requirements across Business Continuity, Cybersecurity and Digital Risk, Digital Technology, and business owners of risk.
- Develop practical models, methods, and frameworks for evaluating systemic digital risk in emerging and complex environments, including concentration risk, recoverability complexity, dependency fragility, detection visibility, vendor coupling, and time-to-operational-failure, and translate results into executive-level scorecards and prioritized risk treatment options.
- Improve risk prioritization and decision support at scale by partnering with technical and business stakeholders to assess blast radius, manual fallback capacity, data integrity restoration risk, vendor dependency, and digital safety margin, and operationalize resilience-focused decision support within governance and risk workflows.
- Assess and integrate emerging systemic risk drivers—including AI-enabled threats, identity compromise, cloud control plane disruption, vendor update failure, integration breakdown, and data corruption—into enterprise governance, resilience planning, and risk treatment processes.
- Conduct structured failure simulation and systemic stress testing to assess resilience across critical capabilities, including scenarios involving identity outage, cloud control plane disruption, vendor service failure, integration loss, and data corruption, and use findings to improve recovery sequencing, escalation readiness, and resilience investment priorities.
Qualifications
- Bachelor's degree in Cybersecurity, Information Technology, Engineering, Risk Management, or a related field
- 5+ years of experience in cybersecurity, digital risk, operational resilience, business continuity, technology risk, or related disciplines, including experience working across complex business and technology environments
- Experience applying governance, risk, and compliance concepts and enterprise risk management practices, including cybersecurity, resiliency, and control frameworks in complex business and technology environments
- Knowledge of digital resilience, operational resilience, and business continuity concepts, including the ability to define meaningful indicators, capabilities, and target outcomes, map dependencies across critical operational functions, assess digital fragility, and evaluate recovery realism in support of enterprise resiliency objectives
- Working knowledge of relevant technology domains such as cloud, software development, data platforms, identity, infrastructure, integrations, and security architecture concepts, including how dependencies across these domains affect concentration risk, recoverability, and systemic exposure
- Skills in building practical risk and resiliency models, translating ambiguous or emerging risk issues into actionable frameworks, and using dependency, monitoring, and control insights to improve systemic risk prioritization and executive decision support
- Ability to lead change through influence, build awareness and adoption across diverse stakeholder groups, and communicate complex dependency, fragility, and resilience concepts clearly to technical, operational, and executive audiences
- Strong problem solving, critical thinking, interpersonal, collaboration, written, and verbal communication skills, with the ability to work independently, navigate ambiguity, assess systemic exposure, and drive progress in high-visibility environments
Preferred Qualifications
- Master's degree in Cybersecurity, Information Technology, Engineering, Risk Management, or a related field
- Certification such as CISA, CRISC, CISSP, or CISM
- Experience with operational resilience, dependency mapping, enterprise risk governance, or critical service resiliency
- Expert knowledge of governance, risk, and compliance concepts and enterprise risk management practices
- Knowledge of emerging risk drivers, including AI risk management and AI governance practices, and the ability to connect such risks to broader governance, resilience, and enterprise risk structures
- Knowledge of recognized resilience risk management frameworks such as NIST CSF 2.0, NIST operational resilience standards, NIST SP 800-160 Vol. 2, CERT-RMM, or related industry guidance
Job Posting Expiration
8/10/2026
Pay
The base pay range for this role is $140,600.00 to $183,108.00. The base salary range/hourly rate listed is dependent on job-related, factors such as experience, education, and skills. This position is also eligible for bonus and/or long-term incentive compensation awards.
Benefits
You may be eligible for the following competitive benefits: medical, dental, vision, life, accident & disability, parental leave, employee assistance program, commuter, paid holidays, paid time off, 401(k) and flight privileges.
Equal Opportunity Employer
United Airlines is an Equal Opportunity Employer. We recruit, employ, train, compensate, and promote without regard to race, color, religion, national origin, gender identity, sexual orientation, disability, age, veteran status, or any other protected category under applicable law. We provide reasonable accommodations for applicants and employees with disabilities. To request an accommodation, contact JobAccommodations@united.com