Software Engineer Fullstack Jr

Are you passionate about the chance to bring your experience to a world-class company that is market-leading or both content and technology? If yes, we're looking for you.

Join our team! T As a security software engineer, you will focus on designing and developing our next generation of secure frameworks and libraries. This includes developing IDE/Azure DevOps plugins, secrets management tooling, SOAR automation, and our enterprise product security application used as the security source of truth across Thomson Reuters.

About the role:

In this role as a Security Software Engineer, you will:

• Develop our DevSecOps machinery that provides teams with secure defaults, powering our frictionless vision of product security.
• Work on sets of secure libraries and Azure DevOps/IDE plugins to further the adoption of security.
• Develop our single pane of glass application, providing insights and self-service to our product and application teams.
• Work with our application security and cloud-native security teams to develop a supply chain security toolchain.
• Leverage test-driven development (e.g, unit, E2E, regression) to deliver quality software.
• Participate in developing software development guidelines and documentation.

About you: You are a fit for the role of Security Software Engineer if you meet the below qualifications:

• 2+ years as a software developer in a procedural language such as Golang, Vue js and object-oriented JavaScript UI framework (e.g. React, Angular, ). Knowledge of Python, NodeJs, C sharp, or Java is also a plus.

• Working proficiency leveraging and operating AWS services such as IAM, SQS, S3, Lambdas, CloudFormation, CloudFront, DynamoDB, RDS, EKS, and EC2.
• Knowledge of TypeScript best practices.
• Knowledge of SQL and database practices.
• Experience in developing REST APIs.
• Ability to take on any programming assignments autonomously and deliver.
• An "all things as-code" mindset to expand to adjacent security teams.
• Familiarity with secure software development methodologies.

As a Plus - NOT Mandatory

• Experience with Infrastructure as Code (IaC) such as Terraform.
• Comprehension of SOLID principles.
• Hands-on security engineering or application security experience is a plus.
• Understanding of OWASP Top 10 vulnerabilities and how best to mitigate them.
• Familiarity with FedRAMP Moderate controls
• Basic understanding of authentication/authorization (a12n/a11n) flows.
• Understanding of security in transit/security at rest encryption methodologies.
• Competency in Snowflake and Postgres database technologies and administration.