Dow Jones Lead CyberSecurity Incident Response Engineer in NEW YORK, New York

Job Description:

As a Lead Incident Response Engineer you will play a key role within our Cyber Defense Center. This work includes preparing to effectively handle cyber security incidents, responding to incidents, developing response plans, automating playbooks and conducting exercises to test response plans.

Primary objectives for the role will be to minimize the impact of active security incidents through innovative approaches to incident response and to minimize the probability of security incidents through proactively improving our ability to prevent, detect, disrupt, investigate, respond to, and recover from those cyber risk events.


  • Lead internal incident response engagements to understand, mitigate and remediate threats an d risks impacting Dow Jones. Specifically within the AWS cloud environment,

  • Lead the adoption of orchestration and automation technologies in the event analysis/ incident response process. Using AWS native tools like Lambda to automate incident response.

  • Perform complex incident response technical analysis and develop technical conclusions based on analysis of evidence; review analysis and conclusions of other team members.

  • Monitor for and investigate internal and external threats leveraging best of breed technologies.

  • Contribute to the Security Mission - correlating multiple data sources, analyzing the facts, determining best remediation strategy, and remediating until incident is contained and resolved.

  • Set standards for the documentation of activities during an incident, creation of security incident reports, and for conducting post-incident reviews.

  • Drive continuous improvement through active collaboration with threat simulation, vulnerability management, and security architecture teams.

  • Spearhead the development of innovative approaches to detect, respond to, and eradicate advance threats; improve overall time to respond and eliminate threats; and increase effectiveness of analysts, including, but not limited to integration of innovative methodologies to understand attacker behavior, adoption of automation to support decision analysis, and implementation of orchestration.

  • Mentor team members, junior and senior, in state-of-the-art incident response practices.


The ideal Lead CyberSecurity Incident Response Engineer will have a proven track record of working within the Security Incident Response space. A broad range of Cloud Security expertise is of interest. This role is looking for practical experience (hands-on) in most of the following areas:

  • Familiar with tactics, techniques, and procedures commonly employed by threat actors, and their motivations

  • Strong technical communication skills (oral and written) including experience briefing executive management and desire to work with clients to solve complex security issues, including at times in crisis situations

  • Experience briefing senior-level leadership, and conveying technical subject matter to audiences of varying backgrounds and skill levels

  • Full-stack knowledge to understand modern attacks that involve networks, infrastructure, compute and applications

  • Familiarity with scripting/developing in modern languages like Python, Go, Ruby

  • Understanding of modern application architectures (serverless, mobile, distributed…)

  • Demonstrated experience in Cloud IR as a senior security support engineer or SOC Engineer / Analyst

  • Public/Private Cloud Experience (AWS, Azure, Google Cloud, VMware)

  • In-Depth OS Experience (RHEL, Ubuntu, Windows Server)

  • Understanding of host based security and tooling

  • Ability to identify network attacks and systemic security issues as they relate to threats and vulnerabilities, with focus on recommendations for enhancements or remediation

  • Strong analytical skills/problem solving/conceptual thinking/attention to detail.

  • Ability to work effectively with peers and multiple levels of management.

  • Well organized, thorough, with the ability to balance and prioritize competing priorities.

  • Excellent verbal and written communication skills across multiple levels of the organization.

  • Highly self-motivated with the ability to identify areas of focus and tackle new challenges with or without direction


  • At least 7 years of cyber security experience.

  • 5 Years Specializing in incident response and system monitoring and analysis, leading investigations and coordinating security response team activities.

  • Bachelor’s degree in computer science, information assurance, MIS or related field, or equivalent work experience.

  • Experience with security frameworks and privacy compliance requirements (ISO 27001, NIST CSF, GDPR, etc.).

  • Experience in conducting risk assessments that protect the business and adhere with compliance and privacy laws.

  • Knowledge of multiple computing platforms, including Network, Windows, OSX, Linux, Unix, networks and endpoints.

  • Expertise using Security Correlation and Analytics platforms like Splunk.

Dow Jones , Making Careers Newsworthy

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, protected veteran status, or disability status. EEO/AA/M/F/Disabled/Vets .

Dow Jones is committed to providing reasonable accommodation for qualified individuals with disabilities, in our job application and/or interview process. If you need assistance or accommodation in completing your application, due to a disability, please reach out to us at . Please put “Reasonable Accommodation" in the subject line.


Job Category: Technology Group

About Us

Dow Jones is a global provider of news and business information, delivering content to consumers and organizations around the world across multiple formats, including print, digital, mobile and live events. Dow Jones has produced unrivaled quality content for more than 125 years and today has one of the world’s largest news gathering operations globally. It produces leading publications and products including the flagship Wall Street Journal, America’s largest newspaper by paid circulation; Factiva, Barron’s, MarketWatch, Financial News, DJX, Dow Jones Risk & Compliance, Dow Jones Newswires, and Dow Jones VentureSource.Dow Jones is a division of News Corp (NASDAQ: NWS, NWSA; ASX: NWS, NWSLV).

If you require assistance in completing the online application, please contact the Talent Management team for Application Help at