JetBlue Airways

Analyst IT Vulnerability Management

JetBlue Airways$70K — $120K *
Long Island City, NY 11101In-Person
Information Technology
Less than 5 years of experience
Today
Be an Early Applicant
Job Overview by Ladders

Qualifications

  • Bachelor's degree in a relevant field or equivalent experience
  • At least one year of experience in vulnerability management or related cybersecurity role
  • Working knowledge of a major cloud provider; AWS or Azure preferred
  • Experience with vulnerability scanning tools such as Tenable or Qualys
  • Ability to analyze scan results and communicate findings effectively
  • Familiarity with patch management and remediation validation
  • Strong communication skills to interact across organizational levels

Responsibilities

  • Conduct vulnerability assessments across cloud and application services
  • Identify vulnerabilities using various security tools
  • Analyze vulnerability findings for impact prioritization
  • Coordinate with teams to ensure timely remediation of vulnerabilities
  • Validate remediation through rescans and evidence reviews
  • Support governance and tracking of cloud vulnerability findings
  • Collaborate with multiple teams to enhance software security practices

Benefits

  • Healthcare benefits
  • 401(k) plan with company match
  • Employee stock purchase plan
  • Short-term and long-term disability coverage
  • Basic life insurance
  • Free space-available travel on JetBlue
Full Job Description
Position Summary

The Analyst, Vulnerability Management - Cloud supports JetBlue's vulnerability management program across cloud-hosted infrastructure, cloud control planes, containers, infrastructure as code, and application-adjacent cloud services. This Crewmember identifies, analyzes, validates, reports, and coordinates remediation of cloud vulnerabilities and misconfigurations across JetBlue's multi-cloud environment, including AWS, Azure, GCP, OCI, and future cloud platforms as adopted.

The Analyst works closely with Cybersecurity, Cloud Engineering, DevOps, Infrastructure, Application, Product, GRC, Threat Intelligence, and Managed Service Provider teams to improve vulnerability visibility, remediation accountability, and risk-based prioritization.

Essential Responsibilities
  • Conduct and support vulnerability assessments across cloud-hosted infrastructure, cloud configurations, containers, Kubernetes, infrastructure as code, application components, and related cloud services.
  • Use approved vulnerability management, cloud security, CSPM/CNAPP, container, code-scanning, and external attack-surface tools to identify vulnerabilities, misconfigurations, exposed services, outdated software, and insecure deployment patterns.
  • Analyze findings using severity, exploitability, CISA KEV status, exposure, asset criticality, data sensitivity, compensating controls, and business impact.
  • Coordinate with cloud engineering, DevOps, application, infrastructure, and product owners to prioritize and track remediation through patching, configuration changes, code changes, image updates, infrastructure-as-code changes, or compensating controls.
  • Validate remediation through rescans, evidence review, configuration review, ticket closure checks, or other approved verification methods.
  • Assist with authenticated scan coverage, agent deployment coordination, cloud account onboarding, asset tagging, ownership validation, and CMDB/application mapping.
  • Support remediation governance by tracking findings against JetBlue policy timelines and escalating overdue, disputed, or blocked remediation items.
  • Collaborate with engineering and QA teams to ensure proper Software Development Life Cycle (SDLC) practices and minimize the release of vulnerable software through the deployment pipeline.
  • Route non-remediated or delayed findings through the approved cyber risk exception / acceptance process when required.
  • Configure and maintain vulnerability metrics and reporting for cloud findings, remediation progress, risk exposure, aging, coverage gaps, recurring issues, and exception trends.
  • Partner with Threat Intelligence, Detection & Response, Penetration Testing, and Application Security teams to incorporate active exploitation, external exposure, attack path, and test-result context into prioritization.
  • Support Cyber compliance requirements with evidence, reporting, and control validation for PCI, SOX, TSA-related obligations, and other applicable oversight frameworks.
  • Participate in cross-functional working sessions to improve cloud vulnerability remediation processes, reduce direct exposure, strengthen compensating controls, and improve cloud security visibility.
  • Other duties as assigned.

Minimum Experience and Qualifications
  • Bachelor's Degree in Computer Science, Information Security, Information Technology, Cybersecurity, Cloud Computing, or a related field; OR demonstrated capability to perform job responsibilities with a High School Diploma/GED and at least four (4) years of previous relevant work experience
  • One (1) year of experience in vulnerability management, cloud security, security operations, infrastructure security, DevOps, application security, or a related cybersecurity role.
  • Working knowledge of at least one major cloud provider; AWS/Azure preferred.
  • Experience with vulnerability scanning tools such as Tenable, Qualys, Rapid7, Prisma Cloud, Wiz, Defender for Cloud, AWS Inspector, or similar.
  • Understanding of cloud shared responsibility models, cloud networking, identity, compute, storage, containers, Kubernetes, and infrastructure-as-code concepts.
  • Ability to analyze scan results, identify false positives, validate risk, and communicate remediation needs clearly.
  • Knowledge of vulnerability risk factors such as CVSS, exploitability, internet exposure, asset criticality, data sensitivity, compensating controls, and remediation timelines.
  • Familiarity with patch management, configuration remediation, change management, and remediation validation.
  • Strong written and verbal communication skills with the ability to interact effectively with stakeholders across all levels of the organization.
  • Ability to work collaboratively with Cybersecurity, IT, DevOps, infrastructure, product, application, compliance, and managed service provider teams.Available for occasional overnight travel (10%).
  • Must pass a pre-employment drug test.
  • Must be legally eligible to work in the country in which the position is located.
  • Authorization to work in the United States is required; this position is not eligible for visa sponsorship.

Preferred Experience and Qualifications
  • Two (2) years of experience in vulnerability management, cloud security, DevSecOps, infrastructure security, or application security.
  • Experience with CSPM, CNAPP, CWPP, container scanning, code scanning, IaC scanning, or external attack surface management.
  • Working knowledge with AWS Systems Manager, Azure Update Manager, cloud-native patching tools, or enterprise patch platforms.
  • Understanding with Kubernetes, container registries, golden images, base-image maintenance, and CI/CD security gates.
  • Experience using Terraform, CloudFormation, ARM/Bicep, Kubernetes manifests, or other infrastructure-as-code technologies.
  • Knowledge of NIST CSF, CIS Controls, CIS Benchmarks, PCI DSS, TSA cybersecurity requirements, ISO 27001, or similar standards.
  • Certifications such as Security+, CySA+, AWS Security Specialty, Azure Security Engineer, Google Professional Cloud Security Engineer, CCSK, CCSP, or equivalent.

Crewmember Expectations
  • Regular attendance and punctuality.
  • Potential need to work flexible hours and be available to respond on short notice.
  • Able to maintain a professional appearance.
  • When working or traveling on JetBlue flights, and if time permits, all capable crewmembers are asked to assist with light cleaning of aircraft.
  • Must be an appropriate organizational fit for the JetBlue culture, that is, exhibit the JetBlue values of Safety, Caring, Integrity, Passion and Fun.
  • Promote JetBlue's #1 value of safety as a Safety Ambassador, supporting JetBlue's Safety Management System components, Safety Policy, and behavioral standards.
  • Identify safety and/or security concerns, issues, incidents or hazards that should be reported and report them whenever possible and by any means necessary including JetBlue's confidential reporting systems (Aviation Safety Action Program (ASAP) or Safety Action Report (SAR))
  • The use of ChatGPT or any other automated tool during the interview process will disqualify a candidate from being considered for the position.

Equipment
  • Computer and other office equipment.

Work Environment
  • Traditional office environment.

Physical Effort
  • Generally not required, or up to 10 pounds occasionally, 0 pounds frequently. (Sedentary)

Compensation
  • The base pay range for this position is between $70,000.00 and $120,000.00 per year. Base pay is one component of JetBlue's total compensation package, which may also include access to healthcare benefits, a 401(k) plan and company match, crewmember stock purchase plan, short-term and long-term disability coverage, basic life insurance, free space available travel on JetBlue, and more.


#LI-AC1

#LI-Hybrid

About JetBlue Airways

JetBlue is a customer service channel for Major United States Airline based in Queens, New York. It is a passenger airline that operates primarily on point-to-point routes with its fleet of 120 Airbus A320 aircraft and 49 EMBRAER 190 aircraft. As of December 31, 2011, it served 70 destinations in 22 states, Puerto Rico, Mexico and 12 countries in the Caribbean and Latin America. Most of JetBlue flights have as an origin or destination New York or one of its other focus cities: Boston, Fort Lauderdale, Los Angeles, Orlando or San Juan, Puerto Rico. As of December 31, 2011, the Company operated an average of 700 daily flights. During the year ended December 31, 2011, the Company acquired eight take-off and landing slots at each of New York’s LaGuardia Airport and Washington D.C.’s Ronald Reagan National Airport. The Company’s operations primarily consist of transporting passengers on its aircraft with domestic United States operations, including Puerto Rico, which accounted for 85% of its capacity in 2011.

JetBlue Airways Careers

There has never been a more exciting time to explore job opportunities at JetBlue Airways, a leading company in the aviation industry known for its innovation, strong culture, and commitment to diversity and leadership development. Work You’ll Do Join JetBlue Airways' dynamic team to help redefine the future of air travel with a focus on customer service excellence and operational efficiency. At JetBlue, you will be part of a culture that values diversity, leadership, and professional growth. Transform your career and the airline industry with JetBlue’s commitment to innovation and excellence. Lead from a unique position in the marketplace, where your skills in technology, customer service, and team collaboration are highly valued. Work with a dedicated team of professionals who are passionate about creating an outstanding travel experience. Collaborate with industry leaders and benefit from a culture that supports career advancement and professional development. Introducing the JetBlue Professional Growth and Development Initiative We are building a market-leading team to master the challenges of the modern aviation industry. At JetBlue, you will find a supportive environment where career growth and learning are encouraged through comprehensive training and leadership development programs. Do Innovative Work Join a team that is at the forefront of the aviation industry, where you can apply your skills in a variety of roles, from pilot and cabin crew positions to engineering and customer support. JetBlue offers a wide range of job opportunities that allow you to innovate and excel. Be Part of a Great Team Work on a wide range of projects and utilize the latest technology in aviation. Harness the unparalleled capabilities of a team that values integrity, teamwork, and mutual respect. Future-Proof Your Career Advance your career with JetBlue Airways, where your ambition can take you to new heights. Enjoy near-limitless opportunities to grow professionally, supported by unmatched training, development, and certification support. Explore JetBlue’s internship programs offer a unique insight into the workings of one of the most innovative airlines in the industry. These programs provide hands-on experience and are a stepping stone to full-time employment. The JetBlue Experience Our combined service capabilities, commitment to innovation, and a diverse and inclusive workplace help employees thrive and lead in their careers. At JetBlue, we are dedicated to nurturing a professional environment where every team member can succeed. Stay Connected Join Our Team Search open positions that match your skills and interests. We look for passionate, curious, creative, and solution-driven team players. Explore the various employment paths JetBlue Airways offers, from customer service to pilot positions. SEARCH JETBLUE JOBS Keep Up to Date Stay ahead with career tips, insider perspectives, and industry-leading insights you can put to use today—all from the people who work here. READ CAREERS BLOG Job Alert Emails Personalize your subscription to receive job alerts, latest news, and insider tips tailored to your preferences. Discover the exciting and rewarding career opportunities that await at JetBlue Airways.
Learn more about JetBlue Airways
Size
19,304 employees
Market Cap
$2 billion
Industry
Aerospace & Defense
Net Income
-$1.3 billion
Founded
1999
5 Year Trend
-1.7%
Revenue
$2.9 billion
NASDAQ
JBLU
* Ladders Estimates

Similar Jobs

Ad banner background

Get Ready For Your
Next Interview

More Jobs at JetBlue Airways

More Information Technology Jobs

Find similar Analyst IT Vulnerability Management jobs:

NationwideLong Island City, NY