Sr Information Security Engineer

US-NY-New York
Category
Information Technology
Ziff Davis
Type
Regular Full-Time

Overview

Ziff Davis, a subsidiary of j2 Global, Inc., is a leading global digital-media company operating in four core verticals: Technology, Gaming, Healthcare and Shopping. Its brands – PCMag, Speedtest, ExtremeTech, Geek, Toolbox, IGN, Everyday Health, AskMen, Offers.com, TechBargains, emedia and Salesify – produce and distribute premium content across multiple platforms and devices. Ziff Davis delivers advertising, performance marketing, data services and licensing solutions to thousands of clients worldwide. Ziff Davis publishes in 25 languages and successfully partners with local publishing operators across 114 countries.

 

This position will report to the Director of Information Security at Ziff Davis and focus on partnering with teams across the business to ensure that we make strategic risk based decisions informed by security analysis, employ systems and processes to harden our Infrastructure and web apps, and implement methods to detect and respond to intrusions as they happen.

Responsibilities

  • Provide subject matter expertise in all areas security, including authentication, architecture, data protection, and systems security
  • Manage security projects across Ziff Davis properties
  • Perform security architecture reviews and provide feedback on proposed designs
  • Design and implement solutions to detect and prevent compromise; from initial compromise through persistence, lateral movement, and exfiltration
  • Evangelize secure coding practices across engineering teams
  • Managing of SIEM tools, monitoring of alerts and performing security incident response activities
  • Use attack driven techniques to improve our applications and systems defenses, and discover new vulnerabilities across our production, corporate and cloud infrastructure
  • Analyze vulnerabilities discovered through scanning or industry reporting and propose remediation approaches
  • Recommend critical security tools and drive their capability and functionality improvements along with their associated processes.
  • Automate and streamline existing security processes and procedures
  • Perform cutting-edge applied research on new attacks and present new findings to both internal and external audiences

Qualifications

  • Strong Interpersonal skills necessary including decision making ability, persuasion, negotiation, cooperation and diplomacy.
  • Excellent verbal and written communication skills (e.g., presentation, listening and writing/drafting) required.
  • Ability to work under tight deadlines, work independently and manage a substantial workload is required, as are strong document and spreadsheet skills.
  • Solid understanding of cybersecurity frameworks such as NIST and ISO 2700X series,
  • Experience with open source and commercial security tools, manual security testing methods, and AWS and other cloud services
  • Strong ability to think like an attacker
  • 3+ years in the information security field
  • CISSP, CISM or CCSP qualifications preferred, but not required

Options

Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
Share on your newsfeed