Cyber Security Engineer

Описание вакансии

Who we are

We are an organisation that exists to drive progress. That's the “red thread” that connects everyone at The Economist Group (TEG). Our businesses share a devotion to innovation, independence and rigour in their fields of expertise. We empower people to understand and tackle the critical challenges and changes facing the world. Our analytical rigour, global expertise and evidence-based insights enable individuals and organisations to make sense of these shifts and chart a course through them.

We deliver analysis and insights in many formats to subscribers and clients in 170 countries through our four businesses, The Economist, Economist Impact, Economist Intelligence and Economist Education, which uphold our global reputation for excellence and integrity.

This role is the collective glue that holds the information security program together.

We are looking for a highly motivated engineer responsible for designing, implementing, managing, monitoring and upgrading an organization's cybersecurity measures. At The Economist Group we have four business units specialized in editorial publications, impact think-tank, data forecasting, and distributed professional education. Our web and mobile applications allow customers to get the latest critical insights which drive global decisions. As a Cybersecurity Engineer for The Economist Group you will be expected to protect organizational systems and networks from cyber threats by responding to security breaches, testing and identifying vulnerabilities and communicating their security findings to managerial-level executives in an organization.

What You’ll Do

Responsibilities:

• Support teams to implement, identify and advance security at the Economist
• Conduct pen tests and risk assessments to prioritize threats and compare mitigation strategies.
• Work with Economist teams, external suppliers and engage with the customer to develop new policies, design processes / procedures and develop technical designs to drive remediation.
• Help to design a secure connected architecture.
• Assist engineering teams in developing secure systems
• Audit embedded code to identify security vulnerabilities and develop solutions
• Lead security engineering initiatives and serve as a point of contact
• Develop the security baselines and documentation as per required
• Work with monitoring and ensure logs are forwarded to the SIEM capability
• Assess vulnerabilities and implement solutions and strategies that mitigate those risks
• Identify, implement, and automate cybersecurity measures and best practices
• Coordinating incident response across the organization to respond to threats and security breaches
• Upgrade security solutions, research new attack vectors and develop threat models
• Performing security control audits and coordinating with other teams within the organization to implement the outcomes of security controls

Skills:

• Cloud Security and Development (AWS a prerequisite)
• Understanding and experience with CICD and secure CICD best practices (CircleCI)
• Vulnerability Mgmt tooling (code scanning, IaC)
• Security expertise in cryptography and exploit development
• Strong investigative and analytical problem solving skills.
• Experience with secure architecture design. Strong communication skills, both written and spoken.
• Penetration testing experience.
• Proficient in software development, auditing code and features.
• Experience with SQL and API development best practices is a plus.

Qualifications:

• Bachelor's or Master's degree in Computer Science, Cyber Security, or a related field or proof of exceptional skills in related fields, with practical software engineering experience.
• Previous proven experience in Cyber Security
• In-depth knowledge of security frameworks (NIST, ISO 27001, CIS Controls).
• AWS specific certifications such as: AWS Certified Security - Specialty, or AWS Certified Developer are a plus.
• Industry certifications, such as: CISSP, CISM, or CISA, are a plus.

#LI-Hybrid 

Working Arrangements

The majority of our roles operate on a hybrid working pattern, with 3+ days office attendance required.

AI usage for your application

We are an innovative organisation that encourages the use of technology. We recognise that candidates may utilise AI tools to support with their job application process. However, it is essential that all information you provide truthfully and accurately reflects your own experience, skills, and qualifications.

What we offer

Our benefits package is designed to support your wellbeing, growth, and work-life balance. It includes a highly competitive pension or 401(k) plan, private health insurance, and 24/7 access to counselling and wellbeing resources through our Employee Assistance Program.

We also offer a range of lifestyle benefits, including our Work From Anywhere program, which allows you to work from any location where you have the legal right to do so for up to 25 days per year. In addition, we provide generous annual and parental leave, as well as dedicated days off for volunteering and even for moving home.

You will also be given free access to all The Economist content, including an online subscription, our range of apps, podcasts and more.