UK Information Security Lead (Ops and App infosec Security)

ThoughtWorks, London, Manchester

Creative Technology Consultants

Infosec Regional Lead - UK 

Thoughtworks is a global software consultancy with an aim to create a positive impact on the world through technology. Our community of technologists thinks disruptively to deliver pragmatic solutions for our clients' most complex challenges. We are curious minds who come together as collaborative and inclusive teams to push boundaries, free to be ourselves and make our mark in tech.

What are the responsibilities and expectations of this role? 

The Thoughtworks security team is looking for a new colleague in the UK! We are a very distributed team, spread across the globe and cover a vast domain of knowledge -- everything has a security angle!

You'll be working in an all-round role, collaborating with the client accounts in Professional Services (PS) and Thoughtworks-internal operations functions (Ops) based in your region on a large number of topics to improve their overall security posture. 

You will be an early warning indicator around risk for your region’s leadership in the sense that you will be reporting to them and advising them on risks you perceive throughout the region, both in PS and Ops. You'll be part of a larger global and EU team identifying ways to scale security better within Thoughtworks.

Role responsibilities:

  • Regular collaboration with and assessments of client accounts for security and compliance risks and posture.
  • Collaborate with other InfoSec team members to improve the overall security posture of Thoughtworks with a specific focus on Europe
  • Collaborate with operations teams to support compliance and security risk needs
  • Collaborate with regional comms and security community to run security awareness campaigns
  • Support and handle security incident response process when incidents occur on regional accounts or teams
  • Report to InfoSec and your regional stakeholders on security-related risks and posture
  • Help shape the regional security community
  • Collaborate with regional Head of L&D on security capability initiatives


What kinds of skills, attitudes and experiences would one need to bring, to be an ideal fit for this role?

You'll bring:

  • A solid understanding of how software teams deliver value to our clients
  • A strong interest in learning the security domain and how security vulnerabilities translate into delivery risks 
  • A strong interest in infrastructure and operations with one or more cloud vendors 
  • While this is not a travel-heavy role, you need to be okay with going to a client site for a couple of days if support is needed, or to other offices during regular intervals.

Traits we are looking for:

  • Strong influencing skills in advocating for security best practices, especially at the levels of Thoughtworks and client leadership
  • Ability to communicate effectively to different types of audiences
  • Ability to categorize, visualize, and present findings to leadership
  • Capable of self-management while following broad strategic objectives 
  • Organization of multiple concurrent streams of work with competing objectives
  • Strong sense of commitment and delivery
  • Being able to handle unplanned work
  • Being able to handle feast-or-famine workloads (alternating phases with high and low workloads) 

What will you learn?

  • Distributed collaboration skills
  • Security (competencies)
    • Threat Modeling
    • Risk Management
    • Technical and non-technical security measures
    • Security in continuous delivery
  • Consulting skills
  • Stakeholder Management
  • Understanding our business and priorities as part of the regional leadership team
  • How security works in an agile delivery model


About ThoughtWorks

A community of passionate individuals whose purpose is to revolutionize software design, creation and delivery, while advocating for positive social change. 

Want to learn more about ThoughtWorks? Visit ThoughtWorks's website.