We are looking for a principal cloud security engineer with DevOps experience to join our team of application developers and support a number of security and compliance initiatives. In this role, you will focus on finding the balance between security and performance needs in cloud like Amazon and Google.
As a principal cloud security engineer, you will be responsible for:
● Reviewing new technologies and products for security implications
● Helping the engineering productivity team and others in solving cyber security problems in a way that not
only comply with required standards, but also contribute materially to the security of Dow Jones systems.
● Manage day to day operations of the WAF products and fine tune exceptions lists.
● Advising, influencing and educating the rest of the company on matters of compliance and security.
● Implement AWS cloud security groups and policies for applications deployments
● Assist security liaison on the proof of concepts for security and performance solutions.
● Providing expert advice during security incidents, and communicating technical ideas to technical and
non-technical audiences clearly in speech and prose
existing products and technologies.
About the Team
Dow Jones' engineering productivity and InfoSec Team is responsible for safeguarding the security of Dow Jones' infrastructure and provide internal advocacy for security practices. Within this larger context, the Information Security and engineering productivity team works closely with product and platform teams throughout the company to help ensure that Dow Jones systems meet both the safety and security compliance needs of our customers.
Required Education and Experience
Applicants must meet one of the following education and experience requirements:
● Security certifications (e.g., OSCP) are a plus
● Programming experience, preferably with a diversity of languages
● Seasoned AWS Technologies Engineer
● Knowledgeable in CI tools including Jenkins, Artifactory, Github, Terraform and Docker
● Strong SDLC background in Agile/Iterative practices particularly for Continuous Integration
● Document infrastructure and design decisions along with being able to explain those decisions
both to business and tech owners.
● Application performance and low latency applications
● A strong work ethic and a positive attitude
● Excellent technical aptitude and a desire to learn constantly
● Clear written and verbal communications and active listening
● Responsible, self-disciplined, and motivated
● Experience with industry compliance and security standards including one or more of the following: PCI, ISO 27001, HIPAA, NIST/DoD frameworks, HITECH, FedRAMP
● Comfort working with arbitrary and sometimes contradictory requirements Desired tools and technologies (not a complete list but, search keywords)
Application security - Primary Infrastructure security - secondary Standard and Compliances - optional
Technology WAF, Akamai WAF, Amazon WAF - Web Application Firewall Technology SAST - Static Application Security Testing
Technology DAST - Dynamic Application Security Testing
Technology HTTP protocols
Certificate management Cipher suites
Toolset OWASP top 10 Toolset Kali-linux
Amazon AWS cloud security and tools.
Cloud front and other
Scripting, nodejs or bash or perl or python or nodejs-lambda Docker or EC2
Dow Jones , Making Careers Newsworthy
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, protected veteran status, or disability status. EEO/AA/M/F/Disabled/Vets .
Dow Jones is committed to providing reasonable accommodation for qualified individuals with disabilities, in our job application and/or interview process. If you need assistance or accommodation in completing your application, due to a disability, please reach out to us at TalentResourceTeam@dowjones.com . Please put “Reasonable Accommodation" in the subject line.
Business Area: TECHNOLOGY - PRODUCT DEVELOPMENT
Job Category: IT Development Group
Since 1882, Dow Jones has been finding new ways to bring information to the world’s top business entities. Beginning as a niche news agency in an obscure Wall Street basement, Dow Jones has grown to be a worldwide news and information powerhouse, with prestigious brands including The Wall Street Journal, Dow Jones Newswires, Factiva, Barron’s, MarketWatch and Financial News.
This longevity and success is due to a relentless pursuit of accuracy, depth and innovation, enhanced by the wisdom of past experience and a solid grasp on the future ahead. More than its individual brands, Dow Jones is a modern gateway to intelligence, with innovative technology, advanced data feeds, integrated solutions, expert research, award-winning journalism and customizable apps and delivery systems to bring the information that matters most to customers, when and where they need it, every day.
If you are a current employee at Dow Jones, do not apply here. Please go to the Career section on your Workday homepage and view "Find Jobs - Dow Jones." Thank you.
Req ID: 20224