Application Security Engineer

Explore the possibilities as an Application Security Engineer

Position Summary

Gannett is seeking talented engineers to join a rapidly growing cyber-security team. The team is responsible for implementing innovative security solutions on cutting-edge cloud technology. This role will work with various teams in securing dozens of Gannett's applications already in the cloud, plus creating security solutions to enable the migration of hundreds more. They will be using a myriad of custom internal and open source tools in a hybrid cloud running thousands of servers, and will have the opportunity to evaluate new processes and shape the policies of new environments.

Technologies and Disciplines

Amazon Web Services, Google Compute Engine, Microsoft Azure, OpenStack Continuous delivery and build servers such as Jenkins, TeamCity or Drone Automation using Python Ruby or Golang, plus extensive use of Chef and Docker

System Environments

Linux (CentOS/RHEL) and Windows Server Stateless servers and containers, such as Docker and Kubernetes Nginx and Apache Webservers MSSQL/MySQL/Postgres databases Couchbase, MongoDB and other NoSQL databases

Position Responsibilities

Security automation development (enabling to move faster, more securely) Application security testing (existing applications and on-boarding of new applications) Automation of existing security toolsets Cyber security evangelization and champion of automation Responding to security incidents

Desired Skills and Experience

Application vulnerability scanning and pen testing Secure coding practices Application security testing practices (S/DAST, IAST, RASP) Web Application Firewalls, IDS/IPS, SQL injection and XSS Security tools: Nessus, Saint, Wireshark, Netcat, Metasploit, Burp Suite, OWASP ZAP Security standards: OWASP Top 10, SANS Top 25, CIS, NIST, CVE Best practices across cloud platforms Cloud+, CCSK, AWS CSA, Security+

Minimum Qualifications

Work history applying security to cloud automation or implementation 3+ years experience in Linux systems administration or cybersecurity Experience deploying to AWS or other clouds Experience with Chef and Docker or other configuration management tools Familiarity with the OWASP Top 10, and common attack vectors

Additional Considerations

Automation experience using Python or Bash (plus source control such as git) Knowledge of Ruby Experience using a opensource tools like clair, security monkey

Gannett Co., Inc. (NYSE: GCI) is a proud equal opportunity employer. We are a drug free, EEO employer committed to a diverse workforce. We will consider all qualified candidates regardless of race, color, national origin, sex, age, marital status, personal appearance, sexual orientation, gender identity, family responsibilities, disability, education, political affiliation or veteran status.

Connect with us on LinkedIn, Twitter, Facebook, Glassdoor, Indeed & The Muse to learn more about our dynamic company culture!

Meet Some of USA TODAY NETWORK's Employees

Jade H.

Project Manager, People Division

Jade helps streamline operations while keeping tabs on company culture. Her role goes beyond transactional tasks and includes social engagement and Human Resources communication.

Shawn S.

Editor, Interactive Graphics

Shawn works with a talented team of reporters, editors, designers, and developers to inform readers through deliberate visual storytelling. He handles a range of work that ranges from the news cycle to year-long investigations.

Back to top