Managing Director - Digital Governance, Risk & Compliance (DGRC) (Chicago)

Achieving our goals starts with supporting yours. Grow your career, access top-tier health and wellness benefits, build lasting connections with your team and our customers, and travel the world using our extensive route network.

Come join us to create whats next. Lets define tomorrow, together.

Description

Overview:

Connecting People. Uniting the World. Theres never been a more exciting time to join United Airlines! As a global company that operates in hundreds of locations around the world with millions of customers and tens of thousands of employees we have a unique responsibility to uplift and provide opportunities in the places where we work, live and fly.Were on a path to becoming the biggest and airline in aviation history.

Join our Cybersecurity and Digital Risk (CDR) team to help lead the industry in cyber safety, security and resilience. United's CDR team plays a critical role in protecting our operations by enabling secure and resilient systems, managing threats and vulnerabilities and ensuring swift response and recovery. Our mission is to seamlessly embed cybersecurity and digital risk management into every aspect of our business. We help drive progress and growth through trusted digital solutions, safeguarding assets and empowering our team, all while promoting a cyber-safe and secure environment that supports resilient airline operations.

We are in search of an innovative and driven leader to take the reins of our Digital Governance, Risk & Compliance (DGRC) team.

The Managing Director of Digital Governance, Risk & Compliance (DGRC) will design, lead, and continuously enhance our enterprise cyber risk management and cyber resiliency programs. You will lead a team of professionals to safeguard our digital assets, processes, employees, and customersensuring that we can identify, assess, and mitigate cybersecurity risks in real time, and rapidly recover from cyberrelated disruptions. You will also provide guidance and direction to ensure compliance with a complex landscape of global regulations and industry standards. This role partners closely with the CISO, executive leadership, and key stakeholders to align DGRC initiatives with strategic business objectives and drive measurable improvements in our cybersecurity posture. This role heads a team of professionals and partners with executive leadership to embed riskbased decisionmaking across the organization.

The ideal candidate has a unique background of aviation, cybersecurity and risk management. They are a strong operational leader, critical thinker and people motivator. They can lead cross functionally, integrating people and processes, to position United as the best airline in aviation history.

Accountabilities:

Leadership & Strategy

Serve as a thought leader on cybersecurity risk and resilience, partnering with the CISO and business executives to define and implement a holistic DGRC strategy.

Translate strategic objectives into actionable roadmaps, ensuring alignment of cyber risk and resiliency initiatives with business goals.

Mentor and develop a high performing team across DGRC, audit, risk analytics, and supply chain security.

Risk Identification & Management

Lead ongoing, quantitative risk assessments for critical systemsflight operations, passenger data platforms, cloud services, and OT/IoT environments.

Prioritize and track risk mitigation plans, deploying controls and countermeasures that reduce exposure to ransomware, supplychain compromise, and emerging threats.

Develop meaningful dashboards and metrics that drive executivelevel visibility into risk posture and progress toward target risk tolerances.

Develop and maintain comprehensive digital governance framework, governance policies, standards, and procedures based on NIST Cybersecurity Framework, ISO27001, and COBIT.

Govern emerging technology lifecyclesincluding cloud platforms, AI/ML, and IoT systemsto ensure secure adoption

Compliance & Control Assessments

Oversee enterprise compliance with relevant frameworks and regulations, including SOX ITGC, PCI DSS, DFARS/CMMC, TSA AOSSP, SOC2, NIST CSF, and ISO27001/27002.

Maintain clear, uptodate policies and procedures, coordinate gap assessments, and lead remediation efforts to sustain continuous audit readiness.

Resiliency Planning & Execution

Architect and manage the airlines cyber resiliency program, partnering with the disaster recovery, business continuity planning, and crisismanagement teams.

Design, test, and refine cyber event management playbooks tailored to aviation scenarios (e.g., ground system disruptions, passenger data breach).

Design, participate and evaluate cyber resiliency drillstabletop exercises, simulations, and full-scale rehearsalswith internal teams and external authorities (FAA, DHS, international regulators).

Ensure minimally viable operations can be maintained across key business processes during and after a cyber event.

Collaboration & Communication

Build strong partnerships with Legal, Compliance, HR, IT, Operations, and other stakeholders to embed resiliency and risk management into daytoday activities.

Communicate risk findings, resiliency plans, and compliance status in clear, businessfocused terms to senior leaders and the Board.

Continuous Improvement & Innovation

Monitor the evolving threat landscape, regulatory changes, and best practices.

Evaluate and introduce new tools, automation, and processes that enhance efficiency, elevate our security posture, and support operational excellence.

This position is remote and would require approximately 20% travel.

Qualifications

Qualifications

Required:

12+ years in digital governance, risk and compliance (GRC) leadership, with a minimum 5 years of experience in aviation, defense, or other criticalinfrastructure sectors

Proven expertise implementing and maturing SOX, PCIDSS, DFARS/CMMC, TSA AOSSP, NIST CSF, and ISO27001 compliance programs

Bachelors degree in Cybersecurity, Computer Science, Risk Management, or related field (Masters preferred)

Proven ability to operate as both a hands-on contributor and a strategic leader

Experienced in developing and executing roadmaps for high priority cybersecurity initiatives, and lead cross-functional execution to drive initiatives to completion

Skilled in working with CISO to manage cybersecurity activities and programs

Ability to represent the company in discussions with auditors, regulators and aviation industry trade associations

Track record of coaching and developing individuals & leaders at multiple levels to achieve tangible results

Achieved objectives by contributing information and recommendations to strategic plans, identifying trends and driving changes

Comfortable engaging and influencing at all levels of the organization

Must be legally authorized to work in the United States for any employer without sponsorship

Preferred:

Handson experience with GRC platforms (ServiceNow IRM, RSA Archer, MetricStream) and riskquantification tools

Familiarity with IATA, ICAO, FAA, and EUNSA cybersecurity guidance

Eligibility for U.S. government security clearance

The base pay range for this role is $226,005.00 to $294,180.00.
The base salary range/hourly rate listed is dependent on job-related, factors such as experience, education, and skills. This position is also eligible for bonus and/or long-term incentive compensation awards.

You may be eligible for the following competitive benefits: medical, dental, vision, life, accident & disability, parental leave, employee assistance program, commuter, paid holidays, paid time off, 401(k) and flight privileges.

United Airlines is an equal opportunity employer. United Airlines recruits, employs, trains, compensates and promotes regardless of race, religion, color, national origin, gender identity, sexual orientation, physical ability, age, veteran status and other protected status as required by applicable law. Equal Opportunity Employer - Minorities/Women/Veterans/Disabled/LGBT.

We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform crucial job functions. Please contact [email protected] to request accommodation. #J-18808-Ljbffr