Security Engineer - DevSecOps
Washington, US
IBM
For more than a century, IBM has been a global technology innovator, leading advances in AI, automation and hybrid cloud solutions that help businesses grow.
Introduction
Information and Data are some of the most important organizational assets in today’s businesses. As a Security Consultant, you will be a key advisor for IBM’s clients, analyzing business requirements to design and implement the best security solutions for their needs. You will apply your technical skills to find the balance between enabling and securing the client’s organization with the cognitive solutions that are making IBM the fastest growing enterprise security business in the world.
Your Role and Responsibilities
The DevSecOps Security Engineer will support dynamic and static analysis (DAST and SAST) of code for multiple applications using Fortify and work across technical teams to support the remediation of findings. The DevSecOps Security Engineer will support a large team of infrastructure, security and application team during migration of on-prem and cloud applications to the client Azure Government enclave. The security engineer will configure, operate and maintain Security Code Scanning tools (Fortify). The engineer will provide support for security assessment and authorization/ ATO process, security audits.
Required Technical and Professional Expertise
Key Job Details
Role:Security Engineer – DevSecOps Location:Washington, US Category:Consulting Employment Type:Full-Time Travel Required:No Travel Contract Type:Regular Company:(0147) International Business Machines Corporation Req ID:716922BR
Information and Data are some of the most important organizational assets in today’s businesses. As a Security Consultant, you will be a key advisor for IBM’s clients, analyzing business requirements to design and implement the best security solutions for their needs. You will apply your technical skills to find the balance between enabling and securing the client’s organization with the cognitive solutions that are making IBM the fastest growing enterprise security business in the world.
Your Role and Responsibilities
The DevSecOps Security Engineer will support dynamic and static analysis (DAST and SAST) of code for multiple applications using Fortify and work across technical teams to support the remediation of findings. The DevSecOps Security Engineer will support a large team of infrastructure, security and application team during migration of on-prem and cloud applications to the client Azure Government enclave. The security engineer will configure, operate and maintain Security Code Scanning tools (Fortify). The engineer will provide support for security assessment and authorization/ ATO process, security audits.
Required Technical and Professional Expertise
- 5+ years experience supporting secure DevSecOps practices using FORTIFY 5+ years experience running Dynamic and Static Application Security Testing (SAST)
- 5+ years experience working with of source version control, build/release tools and methodologies
- 5+ years experience with CI/CD pipelines
- 5+ years experience with the software build process
- 5+ years experience supporting backups and disaster recovery
- 5+ years experience maintaining access control and the integrity of data throughout the platform 5+ years experience designing, developing, evaluating and modifying systems and systems-oriented products.
- 5+ years experience configuring, deploying and maintaining and optimizing securiy code scanning tools (Fortify)
- Perform Cyber Supply Chain Risk Management (C-SCRM) activities to include configuring, deploying and maintaining SCRM tool (Mend) and analyze reports.
- Support Security Assessment and Authorization / ATO process
- Certified in industry recognized areas such as CISSP, CISA, or CISM
Preferred Technical and Professional Expertise
- Excellent organization, collaboration, project management, and team leadership skills
- Strong communication skills and experience creating and delivering compliance status and metrics briefings to senior leadership
- 2+ years experience executing security compliance in multi-cloud or DevSecOps environments
- 2+ years experience coordinating across security, IT operations, audit, and development groups to achieve security outcomes
- Security certification in one or more cloud environments (Azure, AWS, Google…)
- Familiarity with NIST
Key Job Details
Role:Security Engineer – DevSecOps Location:Washington, US Category:Consulting Employment Type:Full-Time Travel Required:No Travel Contract Type:Regular Company:(0147) International Business Machines Corporation Req ID:716922BR
Projected Minimum Salary:$136,000 per year Projected Maximum Salary:$136,000-$162,754/year per year Date Posted:September 28, 2024
Job stats:
1
0
0
Categories:
DevSecOps Jobs
Security Engineering Jobs
Tags: Application security Audits AWS Azure C CI/CD CISA CISM CISSP Cloud Compliance DAST DevSecOps NIST Risk management SAST Security assessment
Region:
North America
Country:
United States
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.
Penetration Tester jobsInformation Security Specialist jobsInformation Security Officer jobsInformation Systems Security Officer jobsInformation System Security Officer jobsSenior Cybersecurity Engineer jobsSenior Cyber Security Engineer jobsSenior Network Security Engineer jobsSecurity Consultant jobsPrincipal Security Engineer jobsSenior Penetration Tester jobsIT Security Engineer jobsChief Information Security Officer jobsCloud Security Architect jobsCyber Security Specialist jobsSenior Information Security Analyst jobsSecurity Specialist jobsStaff Security Engineer jobsInformation System Security Officer (ISSO) jobsCybersecurity Consultant jobsCyber Security Architect jobsThreat Intelligence Analyst jobsSecurity Operations Analyst jobsIT Security Analyst jobsSenior Product Security Engineer jobs
RMF jobsSaaS jobsSDLC jobsEncryption jobsMalware jobsEDR jobsIDS jobsIPS jobsGDPR jobsSplunk jobsSQL jobsForensics jobsDoDD 8570 jobsBash jobsTop Secret jobsITIL jobsFinance jobsOWASP jobsIntrusion detection jobsUNIX jobsTerraform jobsCompTIA jobsCRISC jobsDocker jobsTCP/IP jobs
Polygraph jobsSANS jobsActive Directory jobsGIAC jobsThreat detection jobsData Analytics jobsClearance Required jobsBanking jobsCCSP jobsVPN jobsAnsible jobsSOAR jobsOSCP jobsGCIH jobsDNS jobsJavaScript jobsJira jobsArtificial Intelligence jobsSOX jobsSOC 2 jobsIT infrastructure jobsHIPAA jobsSecurity strategy jobsMITRE ATT&CK jobsOracle jobs