Menú

Security Intelligence Engineer

Security Intelligence Engineer2021-01-13T07:35:03-05:00<p><em><span style="font-weight: 400;">How would you leverage your technical expertise to create extraordinary impact for our clients?</span></em></p> <p><span style="font-weight: 400;">ThoughtWorks is a global software consultancy with an aim to create a positive impact on the world through technology. Our community of technologists thinks disruptively to deliver pragmatic solutions for our clients' most complex challenges. We are curious minds who come together as collaborative and inclusive teams to push boundaries, free to be ourselves and make our mark in tech.</span></p> <p><span style="font-weight: 400;">Our developers have been contributing code to major organizations and open source projects for over 25 years. They’ve also been writing books, speaking at conferences and helping push software development forward, changing companies and even industries along the way.&nbsp;</span></p> <p><span style="font-weight: 400;">As consultants, we </span><a href="https://www.thoughtworks.com/careers/hub/consultant-life"><span style="font-weight: 400;">work onsite with our clients</span></a><span style="font-weight: 400;"> to ensure we’re evolving their technology and empowering adaptive mindsets to meet their business goals. You could influence the digital strategy of a retail giant, build a bold new mobile application for a bank or redesign platforms using event sourcing and intelligent data pipelines. You will use the latest Lean and Agile thinking, create pragmatic solutions to solve mission-critical problems and challenge yourself every day.</span></p> <p><span style="font-weight: 400;">For a team to thrive, it needs active collaboration and room for healthy, respectful debate. Senior Developers are the technologists who cultivate this environment while driving teams toward delivering on an ambitious tech vision and acting as mentors for more junior-level consultants. They leverage their deep technical knowledge to solve more complex business problems and actively assess their team’s health, code quality and nonfunctional pipelines.&nbsp;</span></p> <p><strong>Security Intelligence Engineer</strong></p> <p><em><span style="font-weight: 400;">InfoSec covers a vast domain of knowledge within the organization. Our work includes security consulting, risk management, cyber security, incident response, and more.</span></em></p> <p><em><span style="font-weight: 400;">You will work across different tech stacks and cloud providers, leveraging test and infrastructure automation, and lead by example w.r.t. the high bar of engineering standards we’re setting for ThoughtWorks.&nbsp;</span></em></p> <p><em><span style="font-weight: 400;">InfoSec is a distributed team, spread across the Americas, United Kingdom, Germany, India, China, Southeast Asia, and Australia. Working effectively through different time zones is a must for us. The SecIntel team is location-independent.&nbsp;</span></em></p> <p><strong>Role responsibilities:</strong></p> <ul> <li style="font-weight: 400;"><span style="font-weight: 400;">Integrate security tools into the TW technology estate</span></li> <li style="font-weight: 400;"><span style="font-weight: 400;">Automate the generation of insights from sensors across the TW technology estate</span></li> <li style="font-weight: 400;"><span style="font-weight: 400;">Monitor the insights gathered from these sensors for threats</span></li> <li style="font-weight: 400;"><span style="font-weight: 400;">Identify observed risks and threats and clearly communicate them to stakeholders</span></li> <li style="font-weight: 400;"><span style="font-weight: 400;">Create and champion security-related policies and processes</span></li> <li style="font-weight: 400;"><span style="font-weight: 400;">Participate in all steps of the Incident Response cycle</span></li> </ul> <p><strong>You'll bring:</strong></p> <ul> <li style="font-weight: 400;"><span style="font-weight: 400;">Professional working proficiency of the English language (C1 in </span><a href="https://en.wikipedia.org/wiki/Common_European_Framework_of_Reference_for_Languages"><span style="font-weight: 400;">CEFR</span></a><span style="font-weight: 400;">)</span></li> <li style="font-weight: 400;"><span style="font-weight: 400;">A solid understanding of how internal teams deliver business value to TW</span></li> <li style="font-weight: 400;"><span style="font-weight: 400;">Practical experience in software engineering on container and serverless platforms</span></li> <li style="font-weight: 400;"><span style="font-weight: 400;">Practical experience in cloud infrastructure automation with AWS and/or GCP</span></li> <li style="font-weight: 400;"><span style="font-weight: 400;">Experience in multiple tech stacks and languages. We’ll be mostly working in Python for now, but that will change at some point.</span></li> <li style="font-weight: 400;"><span style="font-weight: 400;">A keen interest in application and infrastructure security, ideally backed up by some working experience</span></li> <li style="font-weight: 400;"><span style="font-weight: 400;">While this is not a travel-heavy role, post-COVID you will be required to travel internationally for occasional all-hands meetings, or if other work in your role should require it.</span></li> </ul> <p><strong>Traits we are looking for:</strong></p> <ul> <li style="font-weight: 400;"><span style="font-weight: 400;">Strong influencing skills in advocating for security good practices</span></li> <li style="font-weight: 400;"><span style="font-weight: 400;">Ability to communicate effectively to different types of audiences</span></li> <li style="font-weight: 400;"><span style="font-weight: 400;">Ability to categorize, visualize, and present findings to stakeholders</span></li> <li style="font-weight: 400;"><span style="font-weight: 400;">Strong interest in continued learning in the security domain</span></li> <li style="font-weight: 400;"><span style="font-weight: 400;">Understanding about how security vulnerabilities translate into business risks</span></li> <li style="font-weight: 400;"><span style="font-weight: 400;">Capable of self-management while following broad strategic objectives on a location-independent autonomous team</span></li> <li style="font-weight: 400;"><span style="font-weight: 400;">Strong sense of commitment and delivery</span></li> <li style="font-weight: 400;"><span style="font-weight: 400;">Being able to prioritize and handle unplanned work</span></li> </ul> <p><strong>What will you learn?</strong></p> <ul> <li style="font-weight: 400;"><span style="font-weight: 400;">Location-independent work</span></li> <li style="font-weight: 400;"><span style="font-weight: 400;">DevSecOps</span></li> <ul> <li style="font-weight: 400;"><span style="font-weight: 400;">Test-driven development and test automation in CI/CD</span></li> <li style="font-weight: 400;"><span style="font-weight: 400;">Infrastructure management and automation</span></li> <li style="font-weight: 400;"><span style="font-weight: 400;">Vulnerability Management</span></li> </ul> <li style="font-weight: 400;"><span style="font-weight: 400;">Cyber Security</span></li> <ul> <li style="font-weight: 400;"><span style="font-weight: 400;">Threat Modeling</span></li> <li style="font-weight: 400;"><span style="font-weight: 400;">Technical and non-technical security measures</span></li> <li style="font-weight: 400;"><span style="font-weight: 400;">Application Security</span></li> <li style="font-weight: 400;"><span style="font-weight: 400;">Infrastructure Security</span></li> <li style="font-weight: 400;"><span style="font-weight: 400;">Vulnerability management</span></li> <li style="font-weight: 400;"><span style="font-weight: 400;">Proactive security intelligence analysis</span></li> </ul> </ul>ThoughtworksBangaloreIndia