New York, USA
Enterprise Security Architect
You are the lead on the ground for platform security, both in terms of security services that need to be built out, but even more critically, what the prescription is for integrating with those tools. Your experience with identity management, PKI, and authentication/authorization tool integration will be critical as clients try and build a clear roadmap for how to build core security services into the platform.
As a trusted partner to help set their vision, you’ll be pushing industries forward and helping them through their difficult technology challenges. As a servant-leader, you’ll foster an environment that empowers teams and will pursue the development of your team members, setting everyone up to deliver their best work.
As an Enterprise Security Architect here's what we'll be looking for you to bring:
- Subject Matter Expertise in most of the following areas:
- Pipeline and Delivery Infrastructure security
- Architectural patterns and integration with Identity Providers and Corporate Id (e.g. OAuth 2.0, SAML, LDAP, 2FA)
- Authorization strategies and policy management approaches
- Facilitating developer integration with enterprise security services through standardized client libraries, templates, and scaffolding
- Cloud network topology and account management (e. g. AWS VPC, IAM)
- PKI infrastructure and secret management
- Strategies for controlling access to pipeline resources like CI tools and artifact repos
- Integration with API gateway tools
- Developing strategies around logging and auditing practice and tooling that enable security teams the visibility they need to do their job well
- You see the role of a security professional as one of enablement: rather than mitigating risk by preventing change, you think it's your job to provide security solutions that make the right thing to do, the easy thing to do.
- You are able to formulate, champion, and drive the vision for major security initiatives that are truly transformational for businesses operating in large and complex environments.
- You understand technology is at the core of every business and realize its transformative power to break through traditional enterprise models.
- You understand the business risks and challenges that organizations face.
- Leadership is not something you do from far away; you get the importance of taking people with you along the journey and are able to influence and coach those around you to orchestrate team success. Strong stakeholder management and interaction at different levels is essential. You prefer to be effective than to be right; you understand that not every client can effectively utilize sophisticated new technologies tools, and prefer to craft security solutions that are most appropriate for organizations capability, cost-sensitivity, and risk tolerance.
There's no typical day or engagement for our Enterprise Security Architects. Here’s what you’ll do:
- Provide input on client security concerns and identify opportunities to address those concerns with solutions that are organizationally scalable
- Work with Program Architects to recommend appropriate platform solutions for security infrastructure and integration requirements
- Provide opinions on tool choices in the area of enterprise security
- Provide implementation teams with patterns and templates for integrating with security-related services, such as identity, authorization
- Embed in major platform team projects where you won’t shy away from getting down into the details with the team, but will always bring a broader context of the problem-space to bear.
- Whatever your role, the team always look to draw on your knowledge of security when things get tough and you handle the difficult client conversations allowing the team to continue building software without undue pressure.
- You recognize that building your network with a client is absolutely key to enable you to perform in your role. You'll be drawing on all of your passion for technology, hands-on experience and knowledge of latest tech and industry trends to help you gain the respect and credibility of those around you.
Regardless of what you do at ThoughtWorks, you’ll always have the opportunity to
- Think through hard problems, and work with a team to make them reality.
- Learn something new everyday.
- Work in a dynamic, collaborative, transparent, non-hierarchal, and ego-free culture where your talent is valued over a role title.
- Travel the world.
- Speak at conferences.
- Write blogs and books.
- Develop your career outside of the confinements of a traditional career path by focusing on what you’re passionate about rather than a predetermined one-size-fits-all plan.
- Be part of a company with Social and Economic Justice at the heart of its mission.
It is the policy of ThoughtWorks, Inc. to provide a work environment free of discrimination. The Company will take affirmative action to ensure applicants and ThoughtWorks employees are treated without regard to race, color, religion, sex, national origin, ethnic origin, veteran status, family status, disability, sexual orientation, gender expression or gender identity. This also includes individuals who are perceived to have any of the aforementioned attributes. ThoughtWorks will adhere to all federal, state, and municipal laws and regulations governing employment.