View All Jobs/Careers

Dow Jones

We break stories, influence ideas, and advance business intelligence and cultural interest. We expose the events that turn markets, the digital breakthroughs that transform art, the demand that drives invention, as well as the political and societal passing moments and lasting consequences. We are the people of Dow Jones. From different fields, backgrounds and viewpoints we invite you to join us.

Examine the world and bring it to others.

each out to us at <a href="" target="_blank"> </a>. Please put “Reaso

Job Information

Dow Jones Principal Engineer, Product Security in LONDON, United Kingdom

Job Description:

This position will report to the Director of Product Security in the Cybersecurity group. As the company invests further in this area, there is room for innovation and growth for a hands-on, collaborative and energetic individual. The candidate will work with our flagship products such as Wall Street Journal, Marketwatch, Barrons, Factiva and DNA.

Preferred Location: London, UK or Barcelona, Spain


  • Serve as the security SME for product development engineering teams

  • Help build, maintain and execute a strategy to secure our customer-facing products.

  • Partner with product development engineering teams to ensure that products are “secure from the start” through an Agile Secure Development Lifecycle

  • Partner with the business to understand the needs and demands of our customers and the marketplace. Able to develop security standards and practices that ensure products are built to meet those needs

  • Work with product development engineering teams to address security findings and negotiate priorities for these to be released

  • Provide visibility around product security weaknesses to the business

  • Perform threat models of products

  • Work alongside technical leadership to ensure secure architectural patterns are being used

  • Develop security requirements and stories

  • Work with software engineers to design preventative and/or detective controls for specific security issues

  • Work with engineering teams to build reusable security components

  • Help proliferate the use of automated security tools, that are maintained by the product security team into the continuous integration and development environment to identify security issues quickly

  • Work with members of Cyber Defense to integrate security monitoring of products

  • Work with members of the application security/penetration testing team to perform security testing and work with project managers to prioritize any identified issues

  • Collaborate with the application security team to design and execute a security champions program within the product engineering teams aimed at instilling security into the culture of product engineering

  • Lead conversations about security with prospective & current customers alongside the business and sales team

  • Develop security material (brochures, white-papers) for consumption by customers showcasing the security of our products

Skills & Experience:

  • Experience with design and architecture using modern secure design patterns

  • Experience with cloud best practices and security - AWS, GCP, Azure

  • Experience in one or more of the following modern languages/frameworks - Node.js, PHP, Java, C#, Python

  • A strong understanding of modern development processes including agile development

  • Strong knowledge of application security topics such as authn, authz, encryption, session management, federation, encryption

  • Ability to communicate complicated technical issues and risks to engineers, project managers and product managers

  • Extensive experience with application security tools like code scanners, dynamic analysis tools

  • Familiarity with security related certifications such as PCI, ISO27001

  • Strong understanding of public application security projects such as OWASP, BSIMM

  • Expert knowledge with Information Security frameworks and fundamentals including ISO 27001, NIST, Lockheed Killchain and MITRE ATT&CK-based analytics

  • Bachelor's degree in computer science or a related discipline, or equivalent work experience required, 10-12 years of experience in information security or related technology experience required

Dow Jones , Making Careers Newsworthy

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, protected veteran status, or disability status. EEO/AA/M/F/Disabled/Vets .

Dow Jones is committed to providing reasonable accommodation for qualified individuals with disabilities, in our job application and/or interview process. If you need assistance or accommodation in completing your application, due to a disability, please reach out to us at . Please put “Reasonable Accommodation" in the subject line.


Job Category: IT Development Group

About Us

Dow Jones is a global provider of news and business information, delivering content to consumers and organizations around the world across multiple formats, including print, digital, mobile and live events. Dow Jones has produced unrivaled quality content for more than 125 years and today has one of the world’s largest news gathering operations globally. It produces leading publications and products including the flagship Wall Street Journal, America’s largest newspaper by paid circulation; Factiva, Barron’s, MarketWatch, Financial News, DJX, Dow Jones Risk & Compliance, Dow Jones Newswires, and Dow Jones VentureSource.Dow Jones is a division of News Corp (NASDAQ: NWS, NWSA; ASX: NWS, NWSLV).

If you are a current employee at Dow Jones, do not apply here. Please go to the Career section on your Workday homepage and view "Find Jobs - Dow Jones." Thank you.

Req ID: 17168