Platform Technical Specialist - Security
Thomson Reuters Platform Group Operations is looking for a Security Engineer, familiar with working in a DevOps Engineering environment and focused on Cloud Security, to work out of our Toronto Office. The candidate will be positioned within the Platform Group Operations systems engineering and operations team as a Platform Technical Specialist - Security.
Thomson Reuters has a global on premise footprint of multiple large, interdependent systems and a vision to transform 80% on-prem to Cloud. The Platform Technical Specialist will be responsible to work with product, development and operations teams to solution, implement and support this transformation business initiative.
The Platform Technical Specialist leads the analysis, definition, design, and provides oversight for construction, testing, installation and modification across multiple large, interdependent systems. The role requires cloud and networking experience focusing on security, operations and technical governance processes. The Platform Technical Specialist partners with stakeholders on large projects to provide architectural, implementation and support oversight throughout the life cycle of a project.
The Platform Technical Specialist role is responsible for the Security GRIP, a playbook of security solutions, guidelines, and recommendations for Platform Group. The role is responsible to engage Information Security Risk Management and relevant subject matter experts, review company security policies and work to identify solutions available to developers and operations teams that satisfy TR security policy.
The Platform Technical Specialist is a member of the Cloud Security Community of Practice, an enterprise-wide working group established to improve security posture across Thomson Reuters' cloud environments by implementing standard controls related to the following key capabilities: Defensive Visibility, Identity & Access Management Asset Inventory & Tagging.
- You will lead security policy related audits and document current and future security procedures and policies.
- You will translate security policy into deliverable solutions and tasks
- You will remediate and write post-mortem reports on security-related issues
- You will work with internal and external vendors to facilitate penetration and vulnerability tests
- You will analyze results and recommend remediation
- You will represent Platform Group in the Cloud Security Practice forum
- You will manage the Security GRIP (Guidelines, Recommendations Information Playbook)
Essential Skills & Experience
- You are skilled in Unix/Linux and knowledge of Windows OS with most recent exposure to RHEL.
- You know how to leverage cloud capabilities for network security, data security, and encryption.
- You understand how to use DNS management, auto scale groups, load balancers, and other technologies.
- You care about ensuring the security of IaaS/PaaS architectures.
- You love building secure deployment pipelines and automating continuous security monitoring and alerting using cloud capabilities.
- You're a doer - you lead by example and are excited by the opportunity to secure the cloud in a scalable way through automation.
- You have experience with identity and access management for the cloud including MFA and other access essentials.
- You have experience with Cloud Custodian and Anchore
- You're a good problem solver and a good communicator.
- You have demonstrable experience with AWS and or Azure cloud technologies
- You have the ability to design and implement fully automated Infrastructure as code
- You have the ability to build (CD\CI) Continuous Integration, Continuous Deployment pipelines using Jenkins, Github, JIRA.
Desirable Skills & Experience
- You have experience with DevOps processes, SDLC, and delivering scalable and resilient infrastructure.
- You have experience delivering end-to-end projects implementing security best practices
- You have experience or knowledge of Packer, Ansible, Puppet, Jenkins, AWS, Docker, Docker Swarm, Kubernetes, Python, BASH, Git, Zabbix, DataDog, SumoLogic, VictorOPS, Linux, Unix, Ubuntu, Debian, CentOS.
- AWS Certified Solutions Architect or Developer or DevOps - Associate or equivalent experience
- Certified Information Systems Security Professional or equivalent experience
Bachelor's Degree in Computer Science or related field
At Thomson Reuters, we believe what we do matters. We are passionate about our work, inspired by the impact it has on our business and our customers. As a team, we believe in winning as one - collaborating to reach shared goals, and developing through challenging and meaningful experiences. With more than 45,000 employees in more than 100 countries, we work flexibly across boundaries and realize innovations that help shape industries around the world. Making this happen is a dynamic, evolving process, and we count on each employee to be a catalyst in driving our performance - and their own.
As a global business, we rely on diversity of culture and thought to deliver on our goals. To ensure we can do that, we seek talented, qualified employees in all our operations around the world regardless of race, color, sex/gender, including pregnancy, gender identity and expression, national origin, religion, sexual orientation, disability, age, marital status, citizen status, veteran status, or any other protected classification under country or local law. Thomson Reuters is proud to be an Equal Employment Opportunity/Affirmative Action Employer providing a drug-free workplace.
Intrigued by a challenge as large and fascinating as the world itself? Come join us.
To learn more about what we offer, please visit thomsonreuters.com/careers .
More information about Thomson Reuters can be found on thomsonreuters.com.
Back to top