How would you leverage your technical expertise to create extraordinary impact for our clients?
ThoughtWorks is a global software consultancy with an aim to create a positive impact on the world through technology. Our community of technologists thinks disruptively to deliver pragmatic solutions for our clients' most complex challenges. We are curious minds who come together as collaborative and inclusive teams to push boundaries, free to be ourselves and make our mark in tech.
Our developers have been contributing code to major organizations and open source projects for over 25 years. They’ve also been writing books, speaking at conferences and helping push software development forward, changing companies and even industries along the way.
As consultants, we work onsite with our clients to ensure we’re evolving their technology and empowering adaptive mindsets to meet their business goals. You could influence the digital strategy of a retail giant, build a bold new mobile application for a bank or redesign platforms using event sourcing and intelligent data pipelines. You will use the latest Lean and Agile thinking, create pragmatic solutions to solve mission-critical problems and challenge yourself every day.
For a team to thrive, it needs active collaboration and room for healthy, respectful debate. Senior Developers are the technologists who cultivate this environment while driving teams toward delivering on an ambitious tech vision and acting as mentors for more junior-level consultants. They leverage their deep technical knowledge to solve more complex business problems and actively assess their team’s health, code quality and nonfunctional pipelines.
Security Intelligence Engineer
InfoSec covers a vast domain of knowledge within the organization. Our work includes security consulting, risk management, cyber security, incident response, and more.
You will work across different tech stacks and cloud providers, leveraging test and infrastructure automation, and lead by example w.r.t. the high bar of engineering standards we’re setting for ThoughtWorks.
InfoSec is a distributed team, spread across the Americas, United Kingdom, Germany, India, China, Southeast Asia, and Australia. Working effectively through different time zones is a must for us. The SecIntel team is location-independent.
- Integrate security tools into the TW technology estate
- Automate the generation of insights from sensors across the TW technology estate
- Monitor the insights gathered from these sensors for threats
- Identify observed risks and threats and clearly communicate them to stakeholders
- Create and champion security-related policies and processes
- Participate in all steps of the Incident Response cycle
- Professional working proficiency of the English language (C1 in CEFR)
- A solid understanding of how internal teams deliver business value to TW
- Practical experience in software engineering on container and serverless platforms
- Practical experience in cloud infrastructure automation with AWS and/or GCP
- Experience in multiple tech stacks and languages. We’ll be mostly working in Python for now, but that will change at some point.
- A keen interest in application and infrastructure security, ideally backed up by some working experience
- While this is not a travel-heavy role, post-COVID you will be required to travel internationally for occasional all-hands meetings, or if other work in your role should require it.
Traits we are looking for:
- Strong influencing skills in advocating for security good practices
- Ability to communicate effectively to different types of audiences
- Ability to categorize, visualize, and present findings to stakeholders
- Strong interest in continued learning in the security domain
- Understanding about how security vulnerabilities translate into business risks
- Capable of self-management while following broad strategic objectives on a location-independent autonomous team
- Strong sense of commitment and delivery
- Being able to prioritize and handle unplanned work
What will you learn?
- Location-independent work
- Test-driven development and test automation in CI/CD
- Infrastructure management and automation
- Vulnerability Management
- Cyber Security
- Threat Modeling
- Technical and non-technical security measures
- Application Security
- Infrastructure Security
- Vulnerability management
- Proactive security intelligence analysis