We break stories, influence ideas, and advance business intelligence and cultural interest. We expose the events that turn markets, the digital breakthroughs that transform art, the demand that drives invention, as well as the political and societal passing moments and lasting consequences. We are the people of Dow Jones. From different fields, backgrounds and viewpoints we invite you to join us.
Examine the world and bring it to others.
Job Description:
We are looking for a lead software engineer with cyber security experience to join our product engineering team to support a number of security and compliance initiatives. In this role, you will analyze various cloud technologies and third-party technologies, with a focus on finding the balance between security and performance needs in clouds like AWS and Google. You will also be responsible for driving and maintaining compliance initiatives, like ISO 27001 standards across parts of the organization.
As a lead software security engineer, you will be responsible for:
Be the champion of application security, work closely with developers solving security issues.
Reviewing new technologies and products for security implications.
Helping the engineering productivity team and others in solving cyber security problems in ways that not only comply with required standards, but also contribute materially to the security of Dow Jones systems.
Manage day-to-day operations of the perimeter protection products, WAF and bot protections. Create and fine tune perimeter security policies and exceptions lists.
Advising, influencing and educating the rest of the company on matters of compliance and security.
Interfacing with multiple teams and stakeholders to drive compliance to the ISO 27001 standard
Managing an ISMS required to maintain the ISO 27001 certification for the business
Implement AWS cloud security groups and policies for applications deployments
Assist security liaison on the proof of concepts for security and performance solutions.
Providing expert advice during security incidents, and communicating technical ideas to technical and non-technical audiences clearly in speech and prose
Collaborating with Engineering and Operations in the design of new compliance controls for new or existing products and technologies.
Automating routine parts of the security operations role
About the Team
Dow Jones' engineering productivity and InfoSec Team is responsible for safeguarding the security of Dow Jones' infrastructure and providing internal advocacy for security practices. Within this larger context, the Information Security and engineering productivity team works closely with product and platform teams throughout the company to help ensure that Dow Jones systems meet both the safety and security compliance needs of our customers.
Required Education and Experience
Applicants must meet one of the following education and experience requirements:
8+ years of relevant experience and a Bachelor’s degree in computer science or related field.
2+ years implementing standards like, ISO 27001 compliance for a global technology organization
5+ years of experience designing secure complex distributed systems
Desired Skills
Security certifications (e.g., OSCP) and Cloud Certifications are a plus
Programming experience, preferably with a diversity of languages
Application performance and low latency applications
Experience as a lead implementer or supporting the implementation of the ISO 27001 standard for a global technology organization.
Build security into infrastructure and architecture designs and guide the implementation with the operations team
A strong work ethic and a positive attitude
Excellent technical aptitude and a desire to learn constantly
Clear written and verbal communications.
Responsible, self-disciplined, and motivated
Comfort working with arbitrary and sometimes contradictory requirements
Experience with cloud security, particularly for AWS and/or Azure Experience with integrating security into a DevOps culture
Experience with Database activities.Ability to write Simple Queries.
Thorough understanding of DevOps principles and building code pipelines
A passion for application security related problems.Working knowledge of web application vulnerabilities and mitigations.
Dow Jones , Making Careers Newsworthy
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, protected veteran status, or disability status. EEO/AA/M/F/Disabled/Vets .
Dow Jones is committed to providing reasonable accommodation for qualified individuals with disabilities, in our job application and/or interview process. If you need assistance or accommodation in completing your application, due to a disability, please reach out to us at TalentResourceTeam@dowjones.com. Please put “Reasonable Accommodation" in the subject line.
Business Area: TECHNOLOGY - PRODUCT DEVELOPMENT
Job Category: Technology Group
Req ID: 32207
