Listing Description
As part of the Information Security Office, you will be responsible for assisting in the design and implementation of our application security program. In this role, you’ll be performing code review and penetration testing, serving as a technical reference for developers and represent the InfoSec office on various initiatives. You will collaborate with colleagues across a variety of teams to architect and ship projects securely. Your work will have a direct, tangible impact on our ability to protect our data, communications, journalists and sources. You will also play an integral part in ensuring that we securely serve content to our subscribers.
--Responsibilities--
Analyze and discover vulnerabilities in NYT’s web stack, iOS and Android applications
Identify gaps in existing security architecture and recommend improvements
Review and advise on the security design of new technology projects
Implement application security activities as part of a larger Continuous Delivery pipeline
Be part of an on-call rotation to analyze and resolve critical security issues and incidents
Participate in the buildout and maintenance of a well defined application security program
Participate in learning reviews following security incidents and deliver technical reports
--Qualifications--
5+ years of relevant security experience
Exceptional analytical, critical thinking and decision making skills
Fundamental understanding of web application architecture and cloud environments
Solid experience securing Node.js, Java, Go or Python applications
Solid experience with Docker and Kubernetes or similar platforms
-Proficient in technical writing and able to communicate effectively to all levels of staff
Listing Details
- Citizenship: Us Citizen
- Incentives: Bonus
- Education: No Requirements
- Travel: No Travel
- Telework: Optional Telecommute