Information Security Specialist
As the leading independent modern media company, Vox Media ignites conversations and influences culture. Across digital, podcasts, TV, streaming, live events, and print, we tell stories that affect our audience's daily lives and entertain as much as they inform.
Our portfolio features influential and respected editorial properties including Vox, New York Magazine, The Verge, The Cut, Eater, Vulture, The Strategist, Polygon, SB Nation, Intelligencer, Curbed, Grub Street and Recode. Off-platform, the Vox Media Podcast Network offers one of the largest collections of popular podcasts, and Vox Media Studios produces and distributes the award-winning nonfiction shows. Powered by innovative technology that scales quality, the Chorus publishing platform and Concert advertising marketplace answer the always-changing needs of modern audiences, creators and marketers.
Vox Media has been named one of Fast Company’s “Most Innovative Companies in Media,” an Inc. “Company of the Year,” Digiday’s “Best Company for Parents,” and one of the Best Places to Work for LGBTQ Equality by the Human Rights Campaign.
About the role:
As an Information Security Specialist, you will work alongside the Information Security, Product Engineering, and Revenue Engineering teams to help implement security best practices for our Secure Development Lifecycle as well as assist in our Continuous Integration and Deployment pipelines. The ideal candidate will have a software development background with a focus on security best practices. This role will help define, document, and implement new security best practices so outstanding written and verbal communication is necessary.
What you’ll do:
- Work directly with the InfoSec team to design and implement and maintain security controls around software development
- Consult with the engineering teams to document and improve on existing practices to align with security frameworks such as BSIMM and ISO 27001
- Develop and manage secure development training resources for the product and revenue engineering teams
- Perform risk analysis of new technologies and third party services
- Promote a security culture for product and engineering teams
- Consult with the SRE team and Vox Product teams to implement best practices for security for SaaS operations
- Provide recommendations to improve processes in DevOps to meet security initiatives
- Design and automate security processes into the DevOps pipeline
- Monitor Vox Media Enterprise for security events and perform incident response activities
- Leverage existing security tools to build out automations for security related functions
What you’ll bring:
- Bachelor's Degree in Computer Science or related field
- 3+ years of experience in DevOps role for SaaS applications
- 3+ years of experience in DevSecOps environment
- Experience with implementation of Continuous Integration and Continuous Delivery practices
- Strong written and verbal communication and presentation skills
- Effective organizational and program management abilities
- Ability to cultivate strong and trusting relationships across Vox Media and its networks, at times with either the most vulnerable or most senior stakeholders
- Knowledge of and perspective on information security tools, current trends, and hot-spots
- Expertise with cloud and/or SaaS security best practices
- Experience implementing compliance programs including ISO, BSIMM, or other security frameworks for secure development
- Industry certification (CISA, CIA, CISSP, CPA ), CISSP and CISM strongly preferred
- SaaS engineering and development team experience preferred
- Media company experience preferred
About working at Vox Media:
This is a permanent, full-time position with excellent benefits—including flexible hours and generous parental leave. Vox Media strives to provide comprehensive healthcare options for our employees and to ensure that our healthcare and other benefits are LGBTQ-inclusive. You'll be joining a group of focused, hard-working, creative people who are passionate about doing work that's challenging and fun—and who strive to maintain a healthy work/life balance.
Vox Media is committed to building an inclusive environment for people of all backgrounds and everyone is encouraged to apply. Vox Media is an Equal Opportunity Employer and does not discriminate on the basis of race, color, gender, sexual orientation, gender identity or expression, religion, disability, national origin, protected veteran status, age, or any other status protected by applicable national, federal, state, or local law.