Listing Description
As a member of the Information Security Office, you will be responsible for performing code review and penetration testing. You will serve as a technical reference for developers and represent the InfoSec office on various initiatives. You will collaborate with colleagues across a variety of teams to craft and guide projects securely. Your work will help improve our ability to protect our data, communications, journalists and sources. You will also play an integral role in ensuring that we securely serve content to our subscribers.--Responsibilities--
Analyze and discover vulnerabilities in NYT’s web stack, iOS and Android applications
Identify gaps in existing security architecture and recommend improvements
Field ad hoc requests and work with developers when called upon
Assist in Implementing application security activities as part of a larger Continuous Delivery pipeline
Be part of an on-call rotation to analyze and resolve critical security issues and incidents
Participate in the buildout and maintenance of a well-defined application security program
Participate in learning reviews following security incidents and deliver technical reports
--Qualifications--
3+ years of relevant security experience
Fundamental understanding of web application architecture and cloud environments
Working knowledge in securing Node.js, Java, Go or Python applications
Experience with Docker, Kubernetes or similar platforms
Proficient in technical writing and able to communicate effectively
Listing Details
- Citizenship: Us Citizen
- Incentives: Bonus
- Education: No Requirements
- Travel: No Travel
- Telework: Optional Telecommute