THE ULTIMATE SOURCE FOR BUSINESS NEWS AND DATA
Every day, Dow Jones’ advanced data capabilities, award-winning journalism and innovative technology deliver news, tools and financial insight to move markets, inform critical decisions and power top companies and careers.
Come help us revolutionize digital media! Are you a self-starter who is energized by new challenges and enjoys a sense of accomplishment? Do you enjoy working with dynamic people in a highly collaborative team environment? If so, we want to speak with you.
Dow Jones is currently hiring “get-things-done” technologists with all levels of experience to help reinvent the way we develop products and deliver best in class digital solutions to all of our customers.
As a Lead Cyber Defense Engineer you will play a key role within our Global Cyber Defense Center, providing support for major initiatives of Dow Jones’ cybersecurity program, focusing on reducing our cyber risk exposure through proactive cyber defenses, incident detection and response, and vulnerability identification and remediation.
Primary objectives for the role will be to minimize the impact of active security incidents through innovative approaches to incident response and to minimize the probability of security incidents through proactively improving our ability to prevent, detect, disrupt, investigate, respond to, and recover from those cyber risk events targeting our brands Wall Street Journal, America’s largest newspaper; Factiva, Barron’s, MarketWatch, Financial News, DJX, Dow Jones Risk & Compliance, Dow Jones Newswires, and Dow Jones VentureSource.
As part of your daily responsibilities you will provide cybersecurity guidance to the business and operational technology teams regarding threat mitigation/detection on new and existing services and solutions.
The ideal candidate should be self-motivated and strong in execution of tasks assigned. The individual should be inquisitive in nature, challenging the norm to identify risks, vulnerabilities and threats. This is an amazing opportunity to grow with a global company that is backed by dynamic leadership.
+ Lead an incident response to help the business and tech understand, mitigate and remediate threats and risks impacting our organization immediately.
+ Design and implement orchestration and automation technologies in the event analysis, incident response process and workflows
+ Design war-gaming and tabletop activities as part of red/blue team exercises to strengthen our defenses, test playbooks and mature the overall cyber defense capabilities.
+ Perform continuous vulnerability assessments with different toolsets and methodologies to be able to mature our infrastructure and practices.
+ Create and test new alerting opportunities based on analytical methods like anomaly detection, or to detect malicious techniques.
+ Correlate incident data to identify specific vulnerabilities and make recommendations that enable expeditious remediation.
+ Develop threat hunting activities using intelligence, analysis of anomalous log data and results of brainstorming sessions to detect and eradicate any possible adversary presence in our network.
+ Participate in projects and in our Secure Development Lifecycle (SDLC) to ensure the necessary security controls are put in place.
+ Using the MITRE ATT&CK framework, identify gaps in our detection and protection capabilities.
+ Perform threat management, threat modeling, identify threat vectors and develop use cases for prevention and security monitoring.
+ Engage in ongoing research in security tools, techniques, and procedures, as well as advanced threat detection initiatives based on aggressive security principles, machine learning algorithms, and threat mitigation techniques.
+ Provide written and verbal descriptions of the security defects identified, articulate risk and impact, and provide feedback on offensive and defensive cyber operations.
+ Provide technical and thought leadership within Cyber Defense by:
  + Teaching other team members and colleagues about both traditional and innovative ways to detect, analyze, and mitigate security incidents and other anomalies.
  + Continuously improving Cyber Defense practices and approaches, including authoring SOPs and training documentation.
**Qualifications and Skills:**
+ Ability to plan, prioritize and complete your own work, whilst remaining a team player.
+ Ability to interact successfully with all levels of management.
+ Experience with security tools including Wireshark, nmap, Burp, Snort, and Kali.
+ Demonstrable competency with Information Security frameworks and fundamentals including ISO 27001, NIST, Lockheed Killchain and MITRE ATT&CK-based analytics
+ Experience with threat intelligence standards such as STIX, TAXII, and CybOX
+ Demonstrable Threat Hunting experience
+ Demonstrable Incident Response Workflow experience
+ Fundamental understanding of threat intelligence sharing practices, including IoCs, artifacts, and forensic techniques
+ Hands-on technical experience with: Linux, Windows, Networking, AWS, GCP, hardening, COTS and FOSS patch management and deployment.
+ Exceptional problem-solving capabilities and strong documentation and communication skills, both verbal and non-verbal
+ Ability to self-manage workload and goals independently in a fast-paced, multi-threaded, and deadline-driven organization
+ Bachelor’s degree in computer science or a related discipline, or equivalent work experience required; 6-10 years of experience in information security or related technology experience required; OSCP, CISSP
**Dow Jones**, Making Careers Newsworthy
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, protected veteran status, or disability status. **EEO/AA/M/F/Disabled/Vets**.
Dow Jones is committed to providing reasonable accommodation for qualified individuals with disabilities in our job application and/or interview process. If you need assistance or accommodation in completing your application due to a disability, please reach out to us at TalentResourceTeam@dowjones.com. Please put “Reasonable Accommodation” in the subject line.
Business Area: TECHNOLOGY – INFORMATION SECURITY
Job Category: IT Development Group
Dow Jones is a global provider of news and business information, delivering content to consumers and organizations around the world across multiple formats, including print, digital, mobile and live events. Dow Jones has produced unrivaled quality content for more than 125 years and today has one of the world’s largest news gathering operations globally. It produces leading publications and products including the flagship Wall Street Journal, America’s largest newspaper by paid circulation; Factiva, Barron’s, MarketWatch, Financial News, DJX, Dow Jones Risk & Compliance, Dow Jones Newswires, and Dow Jones VentureSource. Dow Jones is a division of News Corp (NASDAQ: NWS, NWSA; ASX: NWS, NWSLV).
**If you are a current employee at Dow Jones, do not apply here. Please go to the Career section on your Workday homepage and view “Find Jobs – Dow Jones.” Thank you.**
Req ID: 17119
Since 1882, Dow Jones has been finding new ways to bring information to the world’s top business entities. Beginning as a niche news agency in an obscure Wall Street basement, Dow Jones has grown to be a worldwide news and information powerhouse, with prestigious brands including The Wall Street Journal, Dow Jones Newswires, Factiva, Barron’s, MarketWatch and Financial News.
This longevity and success is due to a relentless pursuit of accuracy, depth and innovation, enhanced by the wisdom of past experience and a solid grasp on the future ahead. More than its individual brands, Dow Jones is a modern gateway to intelligence, with innovative technology, advanced data feeds, integrated solutions, expert research, award-winning journalism and customizable apps and delivery systems to bring the information that matters most to customers, when and where they need it, every day.