Dow Jones Technology Jobs

Technology

Come help us revolutionize digital media! Are you a self starter who is energized by new challenges and enjoys a sense of accomplishment? Do you enjoy working with dynamic people in a highly collaborative, team environment? If so we want to speak with you.

Dow Jones is currently hiring “get-things-done” technologists with all levels of experience to help reinvent the way we develop products and deliver best in class digital solutions to all of our customers.

each out to us at <a href="mailto:TalentResourceTeam@dowjones.com" target="_blank">TalentResourceTeam@dowjones.com </a>. Please put “Reaso

Job Information

Dow Jones Principal Engineer, Product Security in BARCELONA, Spain

Job Description:

This position will report to the Director of Product Security in the Cybersecurity group. As the company invests further in this area, there is room for innovation and growth for a hands-on, collaborative and energetic individual. The candidate will work with our flagship products such as Wall Street Journal, Marketwatch, Barrons, Factiva and DNA.

Preferred Location: London, UK or Barcelona, Spain

Responsibilities:

  • Serve as the security SME for product development engineering teams

  • Help build, maintain and execute a strategy to secure our customer-facing products.

  • Partner with product development engineering teams to ensure that products are “secure from the start” through an Agile Secure Development Lifecycle

  • Partner with the business to understand the needs and demands of our customers and the marketplace. Able to develop security standards and practices that ensure products are built to meet those needs

  • Work with product development engineering teams to address security findings and negotiate priorities for these to be released

  • Provide visibility around product security weaknesses to the business

  • Perform threat models of products

  • Work alongside technical leadership to ensure secure architectural patterns are being used

  • Develop security requirements and stories

  • Work with software engineers to design preventative and/or detective controls for specific security issues

  • Work with engineering teams to build reusable security components

  • Help proliferate the use of automated security tools, that are maintained by the product security team into the continuous integration and development environment to identify security issues quickly

  • Work with members of Cyber Defense to integrate security monitoring of products

  • Work with members of the application security/penetration testing team to perform security testing and work with project managers to prioritize any identified issues

  • Collaborate with the application security team to design and execute a security champions program within the product engineering teams aimed at instilling security into the culture of product engineering

  • Lead conversations about security with prospective & current customers alongside the business and sales team

  • Develop security material (brochures, white-papers) for consumption by customers showcasing the security of our products

Skills & Experience:

  • Experience with design and architecture using modern secure design patterns

  • Experience with cloud best practices and security - AWS, GCP, Azure

  • Experience in one or more of the following modern languages/frameworks - Node.js, PHP, Java, C#, Python

  • A strong understanding of modern development processes including agile development

  • Strong knowledge of application security topics such as authn, authz, encryption, session management, federation, encryption

  • Ability to communicate complicated technical issues and risks to engineers, project managers and product managers

  • Extensive experience with application security tools like code scanners, dynamic analysis tools

  • Familiarity with security related certifications such as PCI, ISO27001

  • Strong understanding of public application security projects such as OWASP, BSIMM

  • Expert knowledge with Information Security frameworks and fundamentals including ISO 27001, NIST, Lockheed Killchain and MITRE ATT&CK-based analytics

  • Bachelor's degree in computer science or a related discipline, or equivalent work experience required, 10-12 years of experience in information security or related technology experience required

Dow Jones , Making Careers Newsworthy

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, protected veteran status, or disability status. EEO/AA/M/F/Disabled/Vets .

Dow Jones is committed to providing reasonable accommodation for qualified individuals with disabilities, in our job application and/or interview process. If you need assistance or accommodation in completing your application, due to a disability, please reach out to us at TalentResourceTeam@dowjones.com . Please put “Reasonable Accommodation" in the subject line.

Business Area: TECHNOLOGY - INFORMATION SECURITY

Job Category: IT Development Group

About Us

Dow Jones is a global provider of news and business information, delivering content to consumers and organizations around the world across multiple formats, including print, digital, mobile and live events. Dow Jones has produced unrivaled quality content for more than 125 years and today has one of the world’s largest news gathering operations globally. It produces leading publications and products including the flagship Wall Street Journal, America’s largest newspaper by paid circulation; Factiva, Barron’s, MarketWatch, Financial News, DJX, Dow Jones Risk & Compliance, Dow Jones Newswires, and Dow Jones VentureSource.Dow Jones is a division of News Corp (NASDAQ: NWS, NWSA; ASX: NWS, NWSLV).

If you are a current employee at Dow Jones, do not apply here. Please go to the Career section on your Workday homepage and view "Find Jobs - Dow Jones." Thank you.

Req ID: 17168

DirectEmployers