Program Director, Infrastructure Security & Automation
A World-Class Publisher of Business News and Information.
News. Insight. Technology.
Dow Jones & Company is looking for a leader of our Cloud & Infrastructure Security Program. This role is responsible for ensuring the cloud & on-prem infrastructure powering DJ systems is built to the highest security standards to prevent cybersecurity breaches before they happen. This role will collaborate on a daily basis with our DevOps and system engineering teams. The ideal candidate would have a good mix of technical and non-technical skills.
This position will report into the CISO through our Secure Design & Architecture function and will have direct reports. As the company invests further in this area, there is room for innovation and growth for a knowledgeable, hands-on, collaborative and energetic individual.
- Responsible for building, maintaining and executing a strategy for securing all elements of the technology infrastructure in partnership with our DevOps & System Engineering teams:
- Cloud and on-prem infrastructure (server, network, firewalls, email, DLP)
- Endpoints (desktop/laptop, mobile, BYOD)
- Identity & Access Management (2FA, Privileged Access, Remote Access)
- Technical Security
- Architects, prioritizes, coordinates and communicates the choice of security technologies necessary to ensure a highly secure yet usable computing environment
- Collaborate with other members of the technical architecture community to ensure successful implementation of security strategies and architectures to enterprise applications
- Ownership of security technologies such as AV, Next-gen endpoint prevention technologies (sandboxing, white/black listing…), Data Loss Prevention, File Integrity Monitoring, Web Filtering, NAC
- Ensure security tools are optimized, fine-tuned and integrated into operational procedures
- Perform risk assessments of enterprise apps (Google Drive, Dropbox, Workday, Slack, Finance systems…) and work closely with project teams on building/configuring security in
- Collaboration tools like Google Drive, Dropbox, Slack
- FInance & HR systems like Peoplesoft and Workday
- CRM tols like Salesforce
- Collaborate with CIO function to embed security into standard operating procedures such as change management, privileged access, system lifecycle management
- Leads the development of policies, standards & baselines to ensure a consistent and secure infrastructure
- Monitor changing threat landscape to identify and address areas of concern
- Work to identify and cultivate strong relationships with members of the organization outside of Technology
- Lead, manage & grow team, including recruitment, supervision, scheduling, development, evaluation, and disciplinary actions
- Collaborate with DJ Security Operations team to build processes to to handle alarms from security stack
- Collaborate with the DJ Product Security team to implement controls to help meet client security requirements
Skills & Experience
- Eight years of experience in Cybersecurity
- Six years of experience with cloud & infrastructure security
- Experience with design & architecture using modern design patterns in a cloud environment
- Experience with cloud models such as IaaS, PaaS, SaaS and the security implications and requisite control frameworks
- Broad technical knowledge of cloud, IT Infrastructure services, including security, directory services, identity management, network, systems, storage, databases, PKI, VPN, SSO, federation services, WIFI
- Knowledge about how to secure modern server OS’ (Linux, Windows), desktop OS’ (Windows, Mac) and mobile OS’ (Apple iOS, Android)
- Knowledge of security best practices like least privilege, defense in depth, attack surface analysis
- An understanding of modern development processes including agile development
- Professional certification in security (for example CISSP)
- Knowledge of IT governance and operations
- Familiarity with security related certifications such as PCI, SoX, ISO27001
- Must possess great oral and written communication skills
- Ability to communicate complicated technical issues and risks to engineers, project managers and product managers
- Experience managing people, employee career development, team building, and conflict resolution
Dow Jones is a global provider of news and business information, delivering content to consumers and organizations around the world across multiple formats, including print, digital, mobile and live events. Dow Jones has produced unrivaled quality content for more than 125 years and today has one of the world’s largest news gathering operations globally. It produces leading publications and products including the flagship Wall Street Journal, America’s largest newspaper by paid circulation; Factiva, Barron’s, MarketWatch, Financial News, DJX, Dow Jones Risk & Compliance, Dow Jones Newswires, and Dow Jones VentureSource.Dow Jones is a division of News Corp (NASDAQ: NWS, NWSA; ASX: NWS, NWSLV).
Equal Opportunity Employer:
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, protected veteran status, or disability status. EEO/AA/M/F/Disabled/Vets
Our products inform the discussions and decisions that are vital to the world's commerce, while our databases make the business world more transparent. We continually develop technology to transform information into insight and prosperity. We enlighten and inspire audiences around the globe with authoritative, differentiated and trusted content.
Business News, Risk & Compliance, Market Intelligence, Private Markets, Digital Media, Wealth Management, Algorithmic & Quantitative Trading, Research & Knowledge Management, News Archives, Conferences, Market Moving News, Investment Banking
Company Type: Public Company
Company Size: 1,001-5000