DevSecOps Engineer

Requirements

• Cloud Security and Development (AWS a prerequisite)
• Understanding and experience with CICD and secure CICD best practices (CircleCI)
• Vulnerability Mgmt tooling (code scanning, IaC)
• Security expertise in cryptography and exploit development
• Strong investigative and analytical problem solving skills
• Experience with secure architecture design. Strong communication skills, both written and spoken
• Penetration testing experience
• Proficient in software development, auditing code and features
• Experience with SQL and API development best practices is a plus
• Bachelor’s or Master’s degree in Computer Science, Cyber Security, or a related field or proof of exceptional skills in related fields, with practical software engineering experience
• Previous proven experience in Cyber Security
• In-depth knowledge of security frameworks (NIST, ISO 27001, CIS Controls)
• AWS specific certifications such as: AWS Certified Security – Specialty, or AWS Certified Developer are a plus
• Industry certifications, such as: CISSP, CISM, or CISA, are a plus

What the job involves

• We are looking for a highly motivated engineer responsible for designing, implementing, managing, monitoring and upgrading an organization’s cybersecurity measures
• At The Economist Group we have four business units specialized in editorial publications, impact think‑tank, data forecasting, and distributed professional education
• Our web and mobile applications allow customers to get the latest critical insights which drive global decisions
• As a Cybersecurity Engineer for The Economist Group you will be expected to protect organizational systems and networks from cyber threats by responding to security breaches, testing and identifying vulnerabilities and communicating their security findings to managerial-level executives in an organization
• Support teams to implement, identify and advance security at the Economist
• Conduct pen tests and risk assessments to prioritize threats and compare mitigation strategies
• Work with Economist teams, external suppliers and engage with the customer to develop new policies, design processes / procedures and develop technical designs to drive remediation
• Help to design a secure connected architecture
• Assist engineering teams in developing secure systems
• Audit embedded code to identify security vulnerabilities and develop solutions
• Lead security engineering initiatives and serve as a point of contact
• Develop the security baselines and documentation as per required
• Work with monitoring and ensure logs are forwarded to the SIEM capability
• Assess vulnerabilities and implement solutions and strategies that mitigate those risks
• Identify, implement, and automate cybersecurity measures and best practices
• Coordinating incident response across the organization to respond to threats and security breaches
• Upgrade security solutions, research new attack vectors and develop threat models
• Performing security control audits and coordinating with other teams within the organization to implement the outcomes of security controls

#J-18808-Ljbffr…