Senior Cybersecurity Engineer

The Senior Cybersecurity Engineer is responsible for designing, implementing, and maintaining the organization's cybersecurity infrastructure to protect digital publishing platforms, newsroom systems, corporate applications, and sensitive data. This role serves as a senior technical expert, leading security initiatives, driving the implementation of security controls, and supporting the organization's overall cybersecurity strategy.   The Senior Cybersecurity Engineer works closely with IT, Engineering, Product, Data, and business stakeholders to identify and mitigate security risks, strengthen security posture, and ensure compliance with organizational policies and industry best practices. This position plays a critical role in securing systems that support the delivery of trusted journalism while maintaining the confidentiality, integrity, and availability of enterprise technology assets.   Responsibilities:  Security Engineering & Architecture Design, implement, and maintain enterprise security solutions across cloud, on-premises, and hybrid environments. Lead the development and enhancement of security architecture, ensuring alignment with business objectives and security best practices. Evaluate and recommend security technologies, tools, and controls to strengthen organizational defenses. Partner with engineering teams to integrate security requirements into system design and development processes. Threat Detection & Incident Response Lead investigations of security incidents, alerts, and potential threats. Perform advanced threat hunting and analysis to identify emerging risks and vulnerabilities. Develop and maintain incident response procedures, playbooks, and remediation strategies. Coordinate containment, eradication, and recovery efforts during cybersecurity incidents. Vulnerability & Risk Management Conduct vulnerability assessments and security reviews across infrastructure, applications, and cloud environments. Report findings to leadership.  Prioritize and coordinate remediation efforts based on risk assessments. Perform security testing and validation of implemented controls. Provide recommendations to reduce organizational risk and improve security maturity. Security Operations & Monitoring Oversee security monitoring platforms and detection capabilities. Develop and optimize security alerts, dashboards, and response workflows. Analyze security logs and system activity to identify indicators of compromise. Support continuous improvement of security operations processes and procedures. Compliance & Governance Maintaining compliance with applicable security frameworks, policies, and regulatory requirements. Conduct audits, risk assessments, and security reviews. Develop and maintain security documentation, standards, and technical procedures. Collaboration & Security Advocacy Partner with cross-functional teams to ensure security considerations are incorporated into technology initiatives. Provide security guidance to infrastructure, engineering, and product teams. Mentor junior engineers and technical staff on cybersecurity best practices. Support security awareness and training initiatives across the organization. Performs other duties as assigned. Requirements: Bachelor's degree in Cybersecurity, Information Technology, Computer Science, Engineering, or a related field required and 8+ years of experience in cybersecurity, security engineering, information security, or related technical roles OR 10+ years of experience in cybersecurity, security engineering, information security, or related technical roles. Demonstrated experience implementing and managing enterprise security technologies. Experience leading complex security initiatives and incident response efforts. Technical Expertise Strong knowledge of network security, cloud security, endpoint security, identity and access management, and security architecture principles. Experience with SIEM, EDR, vulnerability management, intrusion detection/prevention, and security monitoring platforms. Demonstrated experience mentoring or coaching technical staff Experience securing cloud environments such as AWS, Azure, or Google Cloud Platform. Knowledge of security frameworks including NIST, CIS Controls, ISO 27001, or similar standards. Familiarity with scripting or automation technologies such as PowerShell, Python, or similar tools. Skills & Competencies Strong analytical and problem-solving skills. Excellent written and verbal communication abilities. Ability to manage multiple priorities and work independently. Strong attention to detail and commitment to continuous improvement. Preferred Qualifications: Industry certifications such as CISSP, GIAC, GSEC, GCIH, CCSP, Security+, or equivalent. Experience supporting media, publishing, digital content platforms, or high-traffic consumer-facing environments. Experience leveraging AI-enabled security tools and automation technologies to enhance threat detection, incident response, and operational efficiency.