Introduction At IBM, work is more than a job - it's a calling: To build. To design. To code. To consult. To think along with clients and sell. To make markets. To invent. To collaborate. Not just
At IBM, work is more than a job – it’s a calling: To build. To design. To code. To consult. To think along with clients and sell. To make markets. To invent. To collaborate. Not just to do something better, but to attempt things you’ve never thought possible. Are you ready to lead in this new era of technology and solve some of the world’s most challenging problems? If so, lets talk.
Your Role and Responsibilities
Security architects work to understand strategic priorities, business requirements, technical requirements, issues identification, issue remediation and are called on to develop and articulate robust and innovative security solutions to address these all. Our Security Architects provide subject matter expertise in creating, implementing, and maintaining enterprise security programs.
A Security Architect is a subject matter expert in system administration. The architect fills a critical role in the overall success of a project and are the primary source of security solution design and development. The Security Architect will work in conjunction with larger teams to deliver amazing technology solutions that delivers a secure experience and helps to build the Hybrid Cloud functionality.
The Security Architect is also a subject matter expert in regulatory bodies’ cloud requirements, reviewing newly introduced regulations that impact Cloud environments worldwide. The architect must also be able to advise and, in some cases, prototype how to become compliant with these emerging security standards from differing industry regulatory bodies and national regulatory works. Experience with FedRAMP programs and certification a plus.
How we will help you grow
- You’ll have access to all the technical and management training courses to become the expert you want to be.
- You’ll have the opportunity to work on truly enterprise scale problems in the cloud but that are from parts of the Cloud
- You’ll learn directly from Senior members/leaders in this field.
- You’ll have the opportunity to bring your existing skills and explore problems facing new Cloud technologies and applications, and you’ll do this as a part of a team that will all bring unique perspecitives and skills to bear on the issue at hand
Required Technical and Professional Expertise
Skills for Success if you are coming from the System Admin area (Successful applicants will have at least two of the Core skills and two or more of the OPTIONAL skills):
- CORE: Linux system administration experience 6+ years.
- CORE: Linux container experience, Kubernetes, Docker, any LXC based technologies 4+ years
- CORE: 3+ years with any Regulatory bodies or regulatory frameworks ISO27001, FinRA/FFIEC, HiTrust, HIPAA, NIST 800-53, GDPR, FedRAMP, PCI-DSS, and EBA
- CORE: Applied experience with application security modeling to include threat modeling and identification of attack vectors – 3+ years
- CORE: Red Team (White hat) pen tester team experience – 4+ years
- OPTIONAL: 2+ years of Patching and benchmarking (CIS L1 for example) automation via in-house scripting or enterprise tooling
- OPTIONAL: 2+ years of Secure Image (CIS images for example) use and automation, for example secure boot, network boot from images, image deployment and refresh, etc.
- OPTIONAL: 2+ years of Software defined Networking experience, Openflow, ONUS, or any of the vendor implementations (Calico, Beacon, OpenDaylight, Open vSwitch, etc)
- OPTIONAL: 1+ year Experience as an admin or superuser on Security Tools such as: SIEMs, SOAR platforms, vulnerability scanning, DAST, SAST, Privileged ID mgmt., AuthZ solutions, enterprise logging analysis, EDR, any zero trust tools (otherwise known as trusted execution or application whitelisting),
- OPTIONAL: 1+ years experience with provisioning & provision automation in AWS, Azure, IBM Cloud, Oracle, or Google Cloud (experience can be with compute nodes, storage, database, any of the “as a Service” offerings, integration with on-prem systems for Hybrid cloud, or bare metal systems)
- OPTIONAL: Experience with secure coding practices and testing to prevent and avoid attacks, such as, http state handling, XSS, OWASP Top 10, ZAP, etc.
- OPTIONAL: Attack vector/pen testing tools experience (Kali, Cobalt Strike, Nmap, BurpSuite, etc.)
- OPTIONAL: Strong experience with scripting languages such as Python, Ruby, Bash, Typescript, etc.
Preferred Technical and Professional Expertise
- Bachelors Degree or greater is preferred
- FedRAMP experience or knowledge of the certification process a plus
- Soft skills – excellent written and verbal communication, explaining vulnerabilities, writing internal guidance documents, coordinating with other teams
- FIPS 140-2 validated module knowledge and implementation experience
About Business Unit
Digitization is accelerating the ongoing evolution of business, and clouds – public, private, and hybrid – enable companies to extend their existing infrastructure and integrate across systems. IBM Cloud provides the security, control, and visibility that our clients have come to expect. We are working to provide the right tools and environment to combine all of our client’s data, no matter where it resides, to respond to changing market dynamics.
Your Life @ IBM
Are you craving to learn more? Prepared to solve some of the world’s most unique challenges? And ready to shape the future for millions of people? If so, then it’s time to join us, express your individuality, unleash your curiosity and discover new possibilities.
Every IBMer, and potential ones like yourself, has a voice, carves their own path, and uses their expertise to help co-create and add to our story. Together, we have the power to make meaningful change – to alter the fabric of our clients, of society and IBM itself, to create a truly positive impact and make the world work better for everyone.
It’s time to define your career.
IBM’s greatest invention is the IBMer. We believe that through the application of intelligence, reason and science, we can improve business, society and the human condition, bringing the power of an open hybrid cloud and AI strategy to life for our clients and partners around the world.
Restlessly reinventing since 1911, we are not only one of the largest corporate organizations in the world, we’re also one of the biggest technology and consulting employers, with many of the Fortune 50 companies relying on the IBM Cloud to run their business.
At IBM, we pride ourselves on being an early adopter of artificial intelligence, quantum computing and blockchain. Now it’s time for you to join us on our journey to being a responsible technology innovator and a force for good in the world.
IBM wants you to bring your whole self to work and for you this might mean the ability to work flexibly. If you are interested in a flexible working pattern, please talk to our recruitment team to find out if this is possible in the current working environment.
Being You @ IBM
IBM is committed to creating a diverse environment and is proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, pregnancy, disability, age, veteran status, or other characteristics. IBM is also committed to compliance with all fair employment practices regarding citizenship and immigration status.