Back to jobs
New

Information Security Engineer - Senior Consultant

Coimbatore

We’re looking for an experienced Security Engineer - Senior Consultant to join one of our India offices. This is a hands-on, deeply technical position where you will lead efforts to engineer and embed security into the fabric of our software delivery and infrastructure.


We want a leader who can talk the language of modern software product delivery teams and work collaboratively with them, as well as with infrastructure support teams. You will be responsible for bridging the gap between development, operations, and security, moving beyond traditional testing to build automated, secure-by-default systems. It will be a significant advantage if you have experience working within delivery teams that use agile development methodologies.

Job responsibilities

  • Lead and Mentor: Help grow the security engineering practice by upskilling others and working to increase the security capability within delivery teams and grow the number of in-house security specialists.
  • Engineer & Automate: Design security testing plans and automate security controls and actions to be executed within CI/CD pipelines.
  • Consult & Advise: Act as a key consultant and advisor to delivery teams, providing technical specialist advice on security standards, secure coding techniques, and best practices.
  • Architect & Design: Work with architecture and development teams to review system architecture and embed security threat modelling and secure design principles throughout the development lifecycle.
  • Govern & Improve: Work with practice leadership to help set up the security governance framework across projects. You will also prepare and monitor operational security metrics to proactively report on current threats and trends.
  • Test & Remediate: Perform and oversee security testing, including manual and automated penetration testing, and manage the remediation of identified vulnerabilities. This includes conducting security code reviews and providing effective remediation guidance.
  • Collaborate & Respond: Serve as a point of contact to assist the Infosec SOC team with specific security incidents.

Job qualifications

 
  • Experience: 5+ years of experience as a security specialist or engineer, which must include responsibilities working directly with delivery teams to review code and systems architecture.
  • Application Security: In-depth knowledge of application security vulnerabilities, secure web application development, and frameworks like OWASP and SANS top 25.
  • Infrastructure & Cloud Security: In-depth understanding of security for applications on cloud infrastructure and knowledge of technical security architecture principles. This includes a solid understanding of OS security, networking, containerization, virtualization, and server environments (e.g., Apache, Unix).
  • Secure Development: Demonstrable experience in secure coding practices and conducting code reviews for languages such as Java, Ruby, Python, and Javascript.
  • Security Engineering: Experience in running threat modeling sessions and expertise in password/secret management tools and techniques.
  • Testing & Tools: Comprehensive understanding of static and dynamic code analysis. Experience with manual and automation penetration testing tools, such as Burp, ZAP, Fortify, AppScan, WebInspect, NMap, Checkmarx, or Veracode.
  • Leadership & Communication: Excellent communication (verbal and written), influencing, and interpersonal skills. Ability to build relationships across the organization and promote security awareness.
  • Language: Proficiency in the English language for collaboration with global IT and Infosec teams.
  • Nice to have: Basic knowledge of security policies and standards like PCI-DSS, ISO 27001, or GDPR. AWS / GCP Cloud Certifications

Other things to know

Learning & Development

There is no one-size-fits-all career path at Thoughtworks: however you want to develop your career is entirely up to you. But we also balance autonomy with the strength of our cultivation culture. This means your career is supported by interactive tools, numerous development programs and teammates who want to help you grow. We see value in helping each other be our best and that extends to empowering our employees in their career journeys.

Onsite Work Expectation

You may be expected to work out of our Thoughtworks office or at our client's office location for all five working days of the week, depending on business or clients’ needs.

About Thoughtworks

Thoughtworks is a global technology consultancy that integrates strategy, design and engineering to drive digital innovation. For 30+ years, our clients have trusted our autonomous teams to build solutions that look past the obvious. Here, computer science grads come together with seasoned technologists, self-taught developers, midlife career changers and more to learn from and challenge each other. Career journeys flourish with the strength of our cultivation culture, which has won numerous awards around the world.

Join Thoughtworks and thrive. Together, our extra curiosity, innovation, passion and dedication overcomes ordinary.

See here our AI policy.

Apply for this job

*

indicates a required field

Resume/CV*

Accepted file types: pdf, doc, docx, txt, rtf

Cover Letter

Accepted file types: pdf, doc, docx, txt, rtf

Select...
Online privacy notice *

For more about how we use your information, please see our Online privacy notice.