Do you want to help us keep our technology estate safe from threats from the inside and outside?
ThoughtWorks is a global software consultancy with an aim to create a positive impact on the world through technology. Our community of technologists thinks disruptively to deliver pragmatic solutions for our clients' most complex challenges. We are curious minds who come together as collaborative and inclusive teams to push boundaries, free to be ourselves and make our mark in tech.
The InfoSec team covers a broad domain of knowledge within the organization. Our work includes security consulting, risk management, cyber security, incident response, and more. It is a very distributed team, spread across the Americas, United Kingdom, Germany, Spain, India, China, Southeast Asia, and Australia. Working effectively through different time zones is a must for us.
Security Operations (SecOps) is a sub-squad of the InfoSec team and plays an assurance role in ThoughtWorks’ cybersecurity program. As a part of the squad, you will work with other InfoSec squads (Security Intelligence, Center of Excellence, etc.) and TechOps (Technical Operations) teams to maintain and improve ThoughtWorks’ security posture by identifying and addressing information security threats to the organization.
You are expected to be highly self-motivated, collaborating remotely with team members around the world without requiring much direct supervision.
- Threat hunting & event management:
  - Identifying and responding to security threats gathered from various sources;
  - Collaborating with the InfoSec Security Intelligence squad to expand and improve means of threat hunting;
- Incident response: as the first responder to a security incident, taking the lead in the incident management cycle, carrying out investigations with relevant teams and providing technical support to mitigate the impact, and tracking the incident until closure;
- Vendor review: participating in Thoughtworks’ vendor review process, assuring that security requirements are observed while adopting 3rd party products & services.
- Help drive continuous improvement in the team's processes, including incident response, communication, reporting and knowledge management.
- Professional working proficiency of the English language (C1 in CEFR)
- (For internal recruiting only) A solid understanding of how internal teams deliver business value to TW
- Thorough knowledge and practical experience in infrastructure and operations with AWS and/or GCP cloud service providers
- Ability to execute third-party vendor security risk assessments
- Skills in analyzing security alerts and determining impact and severity, including but not limited to:
  - Identifying malicious software and traffic against ThoughtWorks resources and infrastructure
  - Identifying weaknesses and vectors of compromise
  - Advising on best-practice configurations
Traits we are looking for:
- Strong sense of teamwork, commitment and delivery
- Strong problem-solving and systems-thinking capability
- Good ability to communicate effectively with different types of audiences
- Good ability to categorize, visualize, and present findings to stakeholders
- Capable of self-management while following broad strategic objectives on a highly distributed and independent team
- Being able to prioritize and handle unplanned work, and manage varying levels of workload
- Diligence in keeping documentation and paperwork complete and up to date
- Strong interest in continued learning in the security domain
- Strong interest in continued learning about security vulnerabilities and how they translate into business risks
What will you learn?
- Distributed work
- Security (competencies)
- Threat Modelling
- Technical and non-technical security measures
- Infrastructure and cloud security
- Incident management
- Vulnerability management
- Proactive security intelligence analysis
- Consulting skills