Principal Security Architect at ThoughtWorks
We are a global software consultancy and a community of passionate, purpose-led individuals. We think disruptively to deliver technology to address our clients' toughest challenges, all while seeking to revolutionize the IT industry and create positive social change.
As a Principal Security Architect, you will help ensure secure software practices from inception to delivery, balancing the tradeoffs between risk and agility. You will be a critical negotiator in aligning the ambitions of the business and technology with the controls of the security organization, and you will work with our delivery teams to ensure secure delivery.
This is a new role for us, so we are looking for someone comfortable with ambiguity and willing to dive into a diverse range of security concerns involving traditional application security and the architectural aspects of identity and access management. A software development background is a must, and an ideal candidate is willing to occasionally roll up their sleeves and help out with key security and identity concerns in code.
You’ll spend time on the following:
- Ensuring technical approaches to enterprise identity management align with client needs and modern good practices, especially in legacy environments as they transition to modern authentication and authorization practices
- Modernizing authorization approaches in service mesh infrastructures, for example, with policy as code
- Working with delivery teams to do appropriate threat modeling
- Helping to secure the software supply chain in application delivery, including vulnerability scanning, dependency management techniques, and automated controls in a CI/CD pipeline
- Working with delivery teams, architecture, and security to ensure healthy secrets management
- Guiding delivery teams and providing oversight on managing security requirements for cloud infrastructure provisioning
Here’s what we’re looking for:
- 10+ years of experience in technology, with 3+ years focused on security and/or IAM
- First and foremost: the ability to understand the needs of software delivery teams, including a solid understanding of agile and an ability to balance the tradeoffs of risk vs agility
- Experience in architecting or implementing identity management concerns in code, which could include modernizing legacy solutions to a centralized identity provider and/or cloud migration
- Strong understanding of OpenID Connect and OAuth 2.0
- An understanding of distributed systems runtimes (e.g. Kubernetes, Istio) and managing authentication and authorization across a microservices architecture
- Experience with security controls inside a CI/CD pipeline
While we’ve traditionally been a traveling consultancy, travel is not required for this role at the moment. We anticipate the need for travel to our client locations in the future when it’s deemed safe.
Not quite ready to apply? Or maybe this isn’t the right role for you? That’s OK, you can stay in touch with AccessThoughtworks, our learning community (click "contact me about recruitment opportunities" to hear about jobs in the future).
It is the policy of Thoughtworks, Inc. to provide a work environment free of discrimination. The Company will take affirmative action to ensure applicants and Thoughtworks employees are treated without regard to race, color, religion, sex/gender, national origin, ethnic origin, veteran or military status, family or marital status, disability, genetic information, age, sexual orientation, gender expression or gender identity. This also includes individuals who are perceived to have any of the aforementioned attributes. Thoughtworks will adhere to all federal, state, and municipal laws and regulations governing employment.