Application Security Engineer

Time Inc. (NYSE:TIME) is a leading content company that engages over 150 million consumers every month through our portfolio of premium brands across platforms. By combining our distinctive content with our proprietary data and people-based targeting, we offer highly differentiated end-to-end solutions to marketers across the multimedia landscape.

The Data Security: Application Security Engineer will join a team of other Information Security professionals reporting directly to the Global Director of Application Security and Architecture. The qualified candidate will have data security and AWS experience. The Application Security Engineer will join an elite team of some of the smartest minds in the business that have been tasked with performing deep technical security assessments for our most critical applications to ensure that they are highly resilient against security threats. You will work on some of the most cutting edge digital technologies and provide value by solving real world problems that our industry as a whole is facing. Your primary key stakeholders will be the Data Architecture, Engineering and Operations team. You will work directly with them on day-to-day security engineering and development tasks as well as various initiatives and projects focusing on data security. The position will possess the primary skills in performing data security reviews, application security testing, and technical assessments working with the technical and digital development organization. You will be a key member of the team in communicating security weaknesses, exploits, and vulnerabilities to the business and technical teams, and you will be responsible for providing mitigating controls and security solutions.

* Perform data security reviews with a strong understanding of PII data * Identify, document, measure and communicate technical Information Security risks using blended toolsets and exploitation techniques to identify attack surfaces * Determine data compliance requirements and identify applicable security controls * Provide data governance and security best practice principles as it relates to data security * Perform secure architecture reviews for database and data storage architectures

* 3-5 years of combined data security, application security, data governance, data storage and management, and security vulnerability experience * Strong knowledge in data security and the associated data compliance requirements * Strong knowledge in data storage and management * Strong knowledge in AWS architecture and services such as S3, Redshift, DynamoDB, etc. * Strong knowledge in RDBMs such as Oracle, SQL, etc. * Strong knowledge in transformation systems such as EMR, ETL, Lambda, etc. * The ability to conduct basic application penetration testing using a wide variety of exploitation techniques, tools, and procedures. * An understanding of coding and scripting, and ability to provide best coding practices * A self-starter mentality. You are able to work under pressure and with limited supervision. Must be able to successfully prioritize and manage to completion multiple complex tasks and deliverables. Must be able to speak clearly to conduct teleconferences.