Penetration Tester / Security Analyst

Job Description

Thomson Reuters is looking for a few highly skilled cyber security specialists to help staff a new location in the central business district of downtown Richmond. This new facility will be home to a number of critical cyber security disciplines, designed to improve the overall security posture of Thomson Reuters - including its assets, data and operations. Be part of an exciting, fast-paced environment that will help Thomson Reuters strengthen its position as the trusted "Answer Company" in the market.

The Security Analyst/Penetration Tester will be taking an important role in implementing and supporting the Security Operations, Strategy & Architecture program at Thomson Reuters with strong focus on internal penetration testing activities. This role will report into the Manager, Penetration Testing Services.

Key Responsibilities Include:
- Conduct penetration tests on both business critical infrastructure and applications to support the organization's risk management program
- Scope and deliver security testing engagements on time and within budget according to stakeholder requirements and organization needs.
- Provide quality assurance and technical reviews of deliverables, results and internal documentation (peer review)
- Evaluate remediation suggestions and provide consultative support with implementation of remediation steps, standards, and best practices where needed.
- Understand and consider industry trends, customer needs, business risk tolerance, and business environments relating to information security.
- Understand and clearly communicate potential threats, vulnerabilities, and control techniques


- Proven experience of delivering penetration tests on either infrastructure or applications in a global environment including scoping, execution, reporting and stakeholder management
- Experience in dealing with technical and business stakeholders throughout all phases of the engagement
- Experience developing custom scripts or tools to support testing activities
- Strong technical knowledge and experience required in areas of vulnerability assessment, risk based threat analysis and vulnerability mitigation.
- Good knowledge of network and security technologies such as TCP/IP, IDS/IPS, firewalls, LAN/WAN, routing and switching.
- Good to advanced knowledge of the following platforms in an enterprise environment - Microsoft Windows, Solaris, Linux.
- Knowledge of programming languages and/or scripting languages (Perl, Python, Ruby, ...)
- Excellent problem diagnosis and analytical skills.
- Good collaboration and communication skills (both written and verbal)
- Good report writing skills coupled with an acute attention to detail.
- Self starter able to work with minimal supervision and ability to learn new skills quickly with minimal guidance.
- Dedicated to achieving project schedules and milestones.
- Ability to work in a team environment with deadlines and multiple priorities while staying a team player.

- OSCP, CREST certifications preferred

At Thomson Reuters, we believe what we do matters. We are passionate about our work, inspired by the impact it has on our business and our customers. As a team, we believe in winning as one - collaborating to reach shared goals, and developing through challenging and meaningful experiences. With more than 45,000 employees in more than 100 countries, we work flexibly across boundaries and realize innovations that help shape industries around the world. Making this happen is a dynamic, evolving process, and we count on each employee to be a catalyst in driving our performance - and their own.

As a global business, we rely on diversity of culture and thought to deliver on our goals. To ensure we can do that, we seek talented, qualified employees in all our operations around the world regardless of race, color, sex/gender, including pregnancy, gender identity and expression, national origin, religion, sexual orientation, disability, age, marital status, citizen status, veteran status, or any other protected classification under country or local law. Thomson Reuters is proud to be an Equal Employment Opportunity/Affirmative Action Employer providing a drug-free workplace.

Intrigued by a challenge as large and fascinating as the world itself? Come join us.

To learn more about what we offer, please visit .

More information about Thomson Reuters can be found on

Richmond-Virginia-United States of America

Back to top