Product Security Associate Architect - Tlahuac, México - Thomson Reuters

Thomson Reuters

Empresa verificada

Tlahuac, México

hace 1 semana

Publicado por:

Rodrigo Fernández

Reclutador de talento para beBee

Descripción

As an employee at Thomson Reuters, you will play a role in shaping and leading the global knowledge economy. Our technology drives global markets and helps professionals around the world make decisions that matter.

Whether solving for today's challenges or tomorrow's aspirations, you will work with the industry's brightest thinkers on diverse projects, creating next-generation solutions that deliver powerful results.

As the world's leading provider of intelligent information, we want your unique perspective to create the solutions that advance our business—and your career.

About the Role:

As _"
_Product Security __Associate Architect" _**_you will:_
Use your overall technical security expertise as well as your evangelism skills to ensure successful delivery of our crossfunctional product security initiatives.

Your primary responsibilities include the following:

Lead and energize our global security champions' initiative that represents hundreds of engineers globally. The program is cornerstone to our Product Security mission to make a deep global and sustainable impact on our security posture.
Strategize, plan, develop the program's initiatives to meet our overarching product security objectives.
Identify and document requirements from our champions to inform strategy.
Develop reporting/dashboarding to report on the engagement of security partners and the health of the program (OKRs), through meaningful metrics.
Act as our primary liaison person between security partners and product security core teams.
Bring visibility and strengthen communication across teams.
In collaboration with our Software Engineering team, partner with our Product and Product Engineering teams to bake the integration of security requirements in our products development lifecycle inband of teams' ways of working and improve the Developer eXperience (e.g., developers tooling, threat modeling, automated analysis, offensive testing/purple team, software supply chain security).
Conduct adhoc and continuous security maturity assessments at scale (e.g., based on known frameworks like OWASP SAMM) and help with our threat modeling endeavors.

Secondary responsibilities:

Participate in developing our product security training program targeting development, cloud, cloud native technologies. Examples include threat modeling training, organizing CTFs (and building anything that's required to run it), development of custom labs and partnering with our Security Awareness team.

About You
You're a fit for the "
_Product Security __Associate Architect"_** role if your background includes:

Clear and compelling written and verbal communication; you are an evangelist. You need to build attractive, sustainable security initiatives and maintain interest among a lot of competing priorities.
Worked with OWASP SAMM or BSIMM on large scale maturity assessments.
Built, experimented and (certainly failed) at running security champions program in mid to large size companies.
Driven by metrics to demonstrate the value of the programs you lead.
Work and drive strategic programs, pay great attention to details; Help in building a remote friendly culture favoring async communications and outcomes.
Love having end to end ownership and responsibility and deliver value.
Prior handson experience in SRE and/or development functions a plus.

Skills:

Deep experience with Secure Development and S-SDLC development programs.
Proficiency with security maturity frameworks OWASP SAMM or BSIMM. Good knowledge of NIST (CSF, SSDF), ASVS and others is a big plus.
Proficiency and autonomy in leading scaled programs with little to no oversight.
Basic knowledge of Snowflake and PowerBI.
Exceptional organizational and communication skills (both oral and written), empathy.
Azure DevOps "Boards" proficiency is a plus.
Bachelor's degree or above preferred.

What's in it For You
Product Security is one of the hottest trends in security.

Talents possessing experience and knowledge in this area are in high demand and expanding your horizon and skills will make you stand out of the crowd.

At Thomson Reuters, our people are our greatest assets.

Here are just some of the benefits we offer for your personal and professional growth:

- **You will join our inclusive culture **of world-class talent, where we are committed to your personal and professional growth through:

Hybrid Work Model: We've adopted a flexible hybrid working environment for our office
based roles while delivering a seamless experience that is digitally and physically connected.

-
Culture: Globally recognized and award-winning reputation for equality, diversity and inclusion, flexibility, work-life balance, and more.
-
Wellbeing:Comprehensive benefit plans; flexible and supportive benefits for work-life balance: two company-wide Mental Health Days Off; work from another location for up to a total