Information Security Engineer - Senior Consultant

As a Security Engineer - Senior Consultant at Thoughtworks, you will play a crucial role in leading efforts to engineer and embed security into software delivery and infrastructure. Your responsibilities will include:

- **Lead and Mentor**: - Help grow the security engineering practice by upskilling others and increasing the security capability within delivery teams.

- **Engineer & Automate**: - Design security testing plans and automate security controls within CI/CD pipelines.

- **Consult & Advise**: - Act as a consultant to delivery teams, providing technical specialist advice on security standards and best practices.

- **Architect & Design**: - Review system architecture and embed security threat modelling throughout the development lifecycle.

- **Govern & Improve**: - Assist in setting up the security governance framework and monitoring operational security metrics.

- **Test & Remediate**: - Oversee security testing, manage remediation of vulnerabilities, and conduct security code reviews.

- **Collaborate & Respond**: - Serve as a point of contact to assist the Infosec SOC team with security incidents.

Qualifications required for this role:

- **Experience**: - 5+ years as a security specialist or engineer working with delivery teams.

- **Application Security**: - Knowledge of application security vulnerabilities and frameworks like OWASP and SANS top 25.

- **Infrastructure & Cloud Security**: - Understanding of security for cloud applications and technical security architecture principles.

- **Secure Development**: - Experience in secure coding practices and conducting code reviews.

- **Security Engineering**: - Experience in running threat modeling sessions and expertise in password/secret management.

- **Testing & Tools**: - Understanding of static and dynamic code analysis and experience with penetration testing tools.

- **Leadership & Communication**: - Excellent communication skills and ability to build relationships across the organization.

- **Language**: - Proficiency in the English language for collaboration with global IT and Infosec teams.

Some additional details about Thoughtworks: Thoughtworks is a global technology consultancy that integrates strategy, design, and engineering to drive digital innovation. With a focus on autonomy and career development, the company offers various learning and development programs to support your career growth. Additionally, Thoughtworks values onsite work, where you may be expected to work from the office or client locations depending on business needs. As a Security Engineer - Senior Consultant at Thoughtworks, you will play a crucial role in leading efforts to engineer and embed security into software delivery and infrastructure. Your responsibilities will include:

- **Lead and Mentor**: - Help grow the security engineering practice by upskilling others and increasing the security capability within delivery teams.

- **Engineer & Automate**: - Design security testing plans and automate security controls within CI/CD pipelines.

- **Consult & Advise**: - Act as a consultant to delivery teams, providing technical specialist advice on security standards and best practices.

- **Architect & Design**: - Review system architecture and embed security threat modelling throughout the development lifecycle.

- **Govern & Improve**: - Assist in setting up the security governance framework and monitoring operational security metrics.

- **Test & Remediate**: - Oversee security testing, manage remediation of vulnerabilities, and conduct security code reviews.

- **Collaborate & Respond**: - Serve as a point of contact to assist the Infosec SOC team with security incidents.

Qualifications required for this role:

- **Experience**: - 5+ years as a security specialist or engineer working with delivery teams.

- **Application Security**: - Knowledge of application security vulnerabilities and frameworks like OWASP and SANS top 25.

- **Infrastructure & Cloud Security**: - Understanding of security for cloud applications and technical security architecture principles.

- **Secure Development**: - Experience in secure coding practices and conducting code reviews.

- **Security Engineering**: - Experience in running threat modeling sessions and expertise in password/secret management.

- **Testing & Tools**: - Understanding of static and dynamic code analysis and experience with penetration testing tools.

- **Leadership & Communication**: - Excellent communication skills and ability to build relationships across the organization.

- **Language**: - Proficiency in the English language for collaboration with global IT and Infosec teams.

Some additional details about Thoughtworks: Thoughtworks is a global technology consultancy that integrates strategy, design, and engineering to drive digital innovation. With a focus on autonomy and career devel