Senior Engineer, Cybersecurity

5+ years of experience in software engineering and/or security engineering space

Understanding of security controls across a variety of security domains, including access management, encryption, vulnerability management, AI security, network security, authentication/authorization, etc

Knowledge of one or more Cloud platforms (AWS, GCP) and best practices for architecting and securing

Experience with software engineering practices (CI/CD, GitOps, IaC, etc.) and related security practices (SAST, SCA, secure by design, shift left, etc.)

Programming skills in at least one language (Go, Python)

Experience with containerization and orchestration platforms

The Senior Engineer, Cybersecurity is a hands-on contributor who designs, builds, and operates security controls and services that protect The Times' systems, data, and users. As a member of the Security Architecture team, you will own complex initiatives end-to-end, drive measurable risk reduction, and collaborate across product engineering and enterprise technology with technical depth, operational rigor, and clear communication aligned with business outcomes.

Cybersecurity helps prevent The Times from becoming news. Our teams work to protect the news makers, their support staff, the platforms they rely on every day, as well as all of The Times' products and services, and our readers who consume them.

Create an environment that favors context, not control. Empower product engineers and ensure they have the relevant information and tools to deliver secure products and services.

Design, implement, and operate security controls and services (e.g., identity and access management, secrets management, endpoint/agent hardening, network segmentation, detection, and response automation) that meet reliability, security, scalability, and observability standards.

Partner with product and platform teams to integrate security into architecture and developer workflows while articulating business impact and tradeoffs.