Job Description

Department:

Technology

Our Company Promise

We are committed to provide our Employees a stable work environment with equal opportunity for learning and personal growth. Creativity and innovation are encouraged for improving the effectiveness of Southwest Airlines. Above all, Employees will be provided the same concern, respect, and caring attitude within the organization that they are expected to share externally with every Southwest Customer.

This Sr Cybersecurity Analyst on the Incident Response Team will play a critical role in protecting some of Southwest’s most sensitive data while helping build and shape a new Data Privacy Incident Response program from the ground up. You’ll lead efforts to identify, investigate, and respond to incidents involving personal and regulated data, partnering closely with Privacy, Legal, and Cybersecurity teams to assess risk, ensure compliance, and guide response actions. In this high‑visibility role, you’ll bring confidence and sound judgment when it matters most—helping manage potential breaches and protect Customer information. Alongside your data privacy focus, you’ll work with a range of cybersecurity tools and environments in order to contribute to a broader incident response capability that safeguards Southwest’s systems, operations, and aircraft. Your expertise will directly strengthen Southwest’s data protection posture and help ensure we respond quickly, thoughtfully, and responsibly in moments that matter most.

Additional Details:

• This role is offered as a remote workplace position, which may require travel for trainings, meetings, conferences, etc. Outside of those required visits, the majority of your working time may be spent in an approved remote location, away from our Corporate Campus. Please note, while this is a remote position, there is limited group of states or localities ineligible for Employees to regularly perform their work off-site. Those ineligible locations are: Alaska, Delaware, New Jersey, North Dakota, South Dakota, Vermont, West Virginia, and Wyoming, and Puerto Rico.

• U.S. citizenship or current authorization to work in the U.S. required and no current or future work authorization sponsorship available

We’re committed to fair hiring practices and to making employment decisions without regard to race, color, religion, sex, sexual orientation, gender identity, gender expression, national origin, age, military or veteran status, disability, genetic information, or other legally protected characteristics.

Responsibilities

• Provide advanced technical expertise and leadership in cybersecurity, contributing to the identification and resolution of complex cybersecurity issues across various domains such as Incident Response, Threat Intelligence, Governance, Risk, and Compliance (GRC), Privacy, Vulnerability Management, and Engineering Operations

• Lead and coordinate complex incident response efforts, overseeing the identification, containment, and resolution of sophisticated security incidents, and providing mentorship to junior and mid-level analysts

• Champion advanced threat intelligence initiatives, including the development of threat hunting strategies, proactive identification of emerging threats, and the implementation of innovative solutions to enhance the organization's security posture

• Take ownership of the organization's vulnerability management program, developing and implementing advanced strategies for identifying, prioritizing, and mitigating vulnerabilities, and providing expert guidance to analysts at all levels

• Architect and lead the optimization of the organization's security infrastructure, ensuring the implementation of cutting-edge cybersecurity controls and practices, and providing strategic direction for the organization's evolving security architecture

• Drive the maturity of GRC initiatives, providing expert guidance on compliance matters, shaping policies and procedures, and ensuring a proactive and comprehensive approach to governance, risk, and compliance

• Serve as the primary authority on privacy matters, overseeing the organization's privacy program, and ensuring the effective implementation and continuous improvement of privacy controls in line with evolving regulations

• Lead advanced research and development efforts in cybersecurity, staying at the forefront of emerging technologies, and driving innovation in security practices to stay ahead of evolving cyber threats

• Mentor and coach junior and mid-level cybersecurity analysts, providing guidance on complex technical and strategic challenges, and contributing to the professional development of the cybersecurity team

• Foster strong collaboration across the organization, engaging with senior leadership, cross-functional teams, and external stakeholders, and representing the cybersecurity function at a strategic level

• May perform other job duties as directed by Employee's Leaders

Knowledge, Skills and Abilities

• Knowledge of advanced cybersecurity concepts, including threat intelligence, penetration testing, and advanced attack techniques

• Skilled in cybersecurity regulations and standards, such as GDPR, HIPAA, and industry-specific compliance requirements

• Skilled in advanced threat detection methods and tools, as well as the ability to analyze and respond to complex threats

• Skilled in guiding incident response efforts, including managing complex incident investigations and coordinating teams

• Skilled in conducting in-depth vulnerability assessments and penetration testing to identify and address security weaknesses

• Ability to provide strategic insights into emerging threats, technologies, and best practices and shape the organization's cybersecurity strategy

• Ability to lead risk management efforts and develop effective strategies for identifying, assessing, and mitigating cybersecurity risks

• Skilled in effective collaboration and communication to work effectively with cross-functional teams, stakeholders, and external partners

• Ability to develop and enforce security policies, standards, and procedures, ensuring compliance and comprehensive security controls

• Ability to foster a security-aware culture within the organization, promoting cybersecurity awareness and knowledge-sharing among team members and stakeholders

Education

• Required: High School Diploma or GED

• Required: Bachelor's degree in Computer Science, Engineering, Information systems or similar fields of study or equivalent advanced level experience

Experience

• Required: Advanced-level experience, seasoned and specialized knowledge in cybersecurity principles and concepts, developing skills and knowledge in information technology (IT) operations, programming, systems/software development or another IT related field

• The following qualifications are preferred and not required. If your experience doesn’t align perfectly, we still encourage you to apply—we’re looking for great People, not a perfect checklist.

  • Preferred: Experience performing log analysis and digital forensics, including leading complex data privacy incidents end‑to‑end (detection, containment, and root cause analysis)

  • Preferred: Experience applying global privacy regulations (e.g., GDPR, CCPA/CPRA, LGPD, HIPAA) within incident response and data protection processes

  • Preferred: Experience with data governance and lifecycle management, including data classification, retention, and secure disposal practices

  • Preferred: Experience communicating complex technical and regulatory information to diverse audiences, including executive leadership, while managing multiple high‑priority incidents in fast‑paced environments

Licensing/Certification

• N/A

Physical Abilities

• Ability to perform work duties from [limited space work station/desk/office area] for extended periods of time

• Ability to communicate and interact with others in the English language to meet the demands of the job

• Ability to use a computer and other office productivity tools with sufficient speed and accuracy to meet the demands of the job

Other Qualifications

• Must maintain a well-groomed appearance per Company appearance standards as described in established guidelines

• Must be a U.S. citizen or have authorization to work in the United States as defined by the Immigration Reform Act of 1986

• Must be at least 18 years of age

• Must be able to comply with Company attendance standards as described in established guidelines

• Must be able to travel and /or attend Company and non-Company facilities and remote locations such as remote-based offices as necessary

Pay & Benefits:

Competitive market salary from $122,200 per year to $135,800 per year* depending on qualifications and experience. For eligible Leadership and individual contributor roles, additional bonus opportunities are available and awarded at the discretion of the company.

Benefits you’ll love:   

• Fly for free, as a privilege, on any open seat on all Southwest flights (your eligible dependents too) 

• Southwest will help fund your Retirement Savings Plan with Company contributions up to 9.3% of your eligible earnings**

• Potential for annual ProfitSharing contribution in the Southwest Retirement Savings Plan- when Southwest profits, you profit***

• Competitive health insurance for you and your eligible dependents (including pets)

• Southwest offers health plan coverage options that start from the very first day of employment. You will have 30 days to select and enroll in your health plan with coverage retroactively available to your first day of employment.

• Explore more Benefits you’ll love: https://careers.southwestair.com/benefits

*Pay amount does not guarantee employment for any particular period of time.

**401(k) match contributions are subject to Retirement Savings Plan vesting schedule and applicable IRS limits

***ProfitSharing contributions are subject to Retirement Savings Plan vesting schedule and are made at the discretion of the Company.

Southwest Airlines is an Equal Opportunity Employer.
Please print/save this job description because it won't be available after you apply.