Principal Security Architect

2021-08-31T15:38:15-04:00 <p><span style="font-weight: 400;">We are a global software consultancy and a community of passionate, purpose-led individuals. We think disruptively to deliver technology to address our clients' toughest challenges, all while seeking to revolutionize the IT industry and create positive social change.</span></p> <p><span style="font-weight: 400;">As a Principal Security Architect, you will help ensure secure software practices from inception to delivery, balancing the tradeoffs between risk and agility. You will be a critical negotiator in aligning the needs and ambitions of the business and technology with the controls of the security organization, and work with our delivery teams to ensure secure delivery.</span></p> <p><span style="font-weight: 400;">This is a new role for us, so we are looking for someone comfortable with ambiguity and willing to dive into a diverse range of security concerns involving traditional application security and the architectural aspects of identity and access management. 
A software development background is a must, and an ideal candidate is willing to occasionally roll up their sleeves and help out with key security and identity concerns in code.</span></p> <p><span style="font-weight: 400;">You’ll spend time on the following:&nbsp;</span></p> <ul> <li style="font-weight: 400;"><span style="font-weight: 400;">Ensuring technical approaches to enterprise identity management align with client needs and modern good practices, especially in legacy environments as they transition to modern authentication and authorization practices</span></li> <li style="font-weight: 400;"><span style="font-weight: 400;">Modernizing authorization approaches in service mesh infrastructures, for example, with policy as code</span></li> <li style="font-weight: 400;"><span style="font-weight: 400;">Working with delivery teams to do appropriate threat modeling</span></li> <li style="font-weight: 400;"><span style="font-weight: 400;">Helping to secure the software supply chain in application delivery, including vulnerability scanning, dependency management techniques, and automated controls in a CI/CD pipeline</span></li> <li style="font-weight: 400;"><span style="font-weight: 400;">Working with delivery teams, architecture, and security to ensure healthy secrets management</span></li> <li style="font-weight: 400;"><span style="font-weight: 400;">Guiding delivery teams and providing oversight on managing security requirements for cloud infrastructure provisioning</span></li> </ul> <p><span style="font-weight: 400;">Here’s what we’re looking for:</span></p> <ul> <li style="font-weight: 400;"><span style="font-weight: 400;">10+ years of experience in technology, with 3+ years focused on security and/or IAM</span></li> <li style="font-weight: 400;"><span style="font-weight: 400;">First and foremost: the ability to understand the needs of software delivery teams, including a solid understanding of agile and an ability to balance the tradeoffs of risk vs 
agility</span></li> <li style="font-weight: 400;"><span style="font-weight: 400;">Experience in architecting or implementing identity management concerns in code, which could include modernizing legacy solutions to a centralized identity provider and/or cloud migration</span></li> <li style="font-weight: 400;"><span style="font-weight: 400;">Strong understanding of OpenID Connect and OAuth 2.0</span></li> <li style="font-weight: 400;"><span style="font-weight: 400;">An understanding of distributed systems runtimes (e.g. Kubernetes, Istio) and managing authentication and authorization across a microservices architecture</span></li> <li style="font-weight: 400;"><span style="font-weight: 400;">Experience with security controls inside a CI/CD pipeline</span></li> </ul> <h3><strong><em>A few important things to know:</em></strong></h3> <p><strong>While we’ve traditionally been a traveling consultancy, travel is not required for this role at the moment. We anticipate the need for travel to our client locations in the future when it’s deemed safe.</strong></p> <p><span style="font-weight: 400;">Not quite ready to apply? Or maybe this isn’t the right role for you? That’s OK, you can stay in touch with</span><a href=";utm_medium=jd&amp;utm_campaign=access-thoughtworks"><span style="font-weight: 400;"> AccessThoughtworks</span></a><span style="font-weight: 400;">, our learning community (click "</span><em><span style="font-weight: 400;">contact me about recruitment opportunities"</span></em><span style="font-weight: 400;"> to hear about jobs in the future).</span></p> <p><em><span style="font-weight: 400;">It is the policy of Thoughtworks, Inc. to provide a work environment free of discrimination. 
The Company will take affirmative action to ensure applicants and Thoughtworks employees are treated without regard to race, color, religion, sex/gender, national origin, ethnic origin, veteran or military status, family or marital status, disability, genetic information, age, sexual orientation, gender expression or gender identity. This also includes individuals who are perceived to have any of the aforementioned attributes. Thoughtworks will adhere to all federal, state, and municipal laws and regulations governing employment.</span></em></p> Thoughtworks, New York City, New York, USA