Application Security Engineer
Explore the possibilities as an Application Security Engineer
Gannett is seeking talented engineers to join a rapidly growing cyber-security team. The team is responsible for implementing innovative security solutions on cutting-edge cloud technology. This role will work with various teams in securing dozens of Gannett's applications already in the cloud, plus creating security solutions to enable the migration of hundreds more. They will be using a myriad of custom internal and open source tools in a hybrid cloud running thousands of servers, and will have the opportunity to evaluate new processes and shape the policies of new environments.
Technologies and Disciplines
Amazon Web Services, Google Compute Engine, Microsoft Azure, OpenStack Continuous delivery and build servers such as Jenkins, TeamCity or Drone Automation using Python Ruby or Golang, plus extensive use of Chef and Docker
Linux (CentOS/RHEL) and Windows Server Stateless servers and containers, such as Docker and Kubernetes Nginx and Apache Webservers MSSQL/MySQL/Postgres databases Couchbase, MongoDB and other NoSQL databases
Security automation development (enabling to move faster, more securely) Application security testing (existing applications and on-boarding of new applications) Automation of existing security toolsets Cyber security evangelization and champion of automation Responding to security incidents
Desired Skills and Experience
Application vulnerability scanning and pen testing Secure coding practices Application security testing practices (S/DAST, IAST, RASP) Web Application Firewalls, IDS/IPS, SQL injection and XSS Security tools: Nessus, Saint, Wireshark, Netcat, Metasploit, Burp Suite, OWASP ZAP Security standards: OWASP Top 10, SANS Top 25, CIS, NIST, CVE Best practices across cloud platforms Cloud+, CCSK, AWS CSA, Security+
Work history applying security to cloud automation or implementation 3+ years experience in Linux systems administration or cybersecurity Experience deploying to AWS or other clouds Experience with Chef and Docker or other configuration management tools Familiarity with the OWASP Top 10, and common attack vectors
Automation experience using Python or Bash (plus source control such as git) Knowledge of Ruby Experience using a opensource tools like clair, security monkey
Gannett Co., Inc. (NYSE: GCI) is a proud equal opportunity employer. We are a drug free, EEO employer committed to a diverse workforce. We will consider all qualified candidates regardless of race, color, national origin, sex, age, marital status, personal appearance, sexual orientation, gender identity, family responsibilities, disability, education, political affiliation or veteran status.
Connect with us on LinkedIn, Twitter, Facebook, Glassdoor, Indeed & The Muse to learn more about our dynamic company culture!
Meet Some of USA TODAY NETWORK's Employees
Project Manager, People Division
Jade helps streamline operations while keeping tabs on company culture. Her role goes beyond transactional tasks and includes social engagement and Human Resources communication.
Back to top