Application Security Engineer
Multiple Cities
IBM
For more than a century, IBM has been a global technology innovator, leading advances in AI, automation and hybrid cloud solutions that help businesses grow.
Introduction
A career in IBM Consulting is rooted by long-term relationships and close collaboration with clients across the globe. You’ll work with visionaries across multiple industries to improve the hybrid cloud and AI journey for the most innovative and valuable companies in the world. Your ability to accelerate impact and make meaningful change for your clients is enabled by our strategic partner ecosystem and our robust technology platforms across the IBM portfolio; including Software and Red Hat.
Curiosity and a constant quest for knowledge serve as the foundation to success in IBM Consulting. In your role, you’ll be encouraged to challenge the norm, investigate ideas outside of your role, and come up with creative solutions resulting in ground breaking impact for a wide network of clients. Our culture of evolution and empathy centers on long-term career growth and development opportunities in an environment that embraces your unique skills and experience.
Your Role and Responsibilities
– Develop, configure, and maintain application security solutions tailored to client needs, including both solutions integrated in the CI/CD pipeline and solutions operating independently (eg DAST scanner). – Perform application security assessments on a regular and ad hoc basis, in order to maintain awareness of the clients risk posture and drive vulnerability remediation. – Provide subject matter expertise to client leadership, developers, SOC personnel, and other stakeholders concerning application security, including expert advice and recommendations for improving security posture, mitigating vulnerabilities, and adhering to security standards – Maintain awareness of DevSecOps best practices and drive their implementation across the client environment. – Assist with incident response
Required Technical and Professional Expertise
– Minimum 5 years of experience performing application security assessment and developing application security solutions
– Minimum 3 years experience with federal security practices and standards
– Strong understanding of DevSecOps and experience integrating security controls into CI/CD pipeline.
– CISSP, CEH or equivalent certifications
– Ability to analyze complex security issues and provide appropriate solutions or recommendations.
– Strong communication skills, both written and verbal, with the ability to convey technical concepts to non-technical stakeholders.
Preferred Technical and Professional Expertise
– Experience working with FedRAMP (Federal Risk and Authorization Management Program) compliance standards.
– Familiarity with NIST (National Institute of Standards and Technology) guidelines, including NIST SP 800-53 and NIST Cybersecurity Framework (CSF).
– Knowledge of other security frameworks such as CIS Controls or ISO 27001.
– Previous experience working with Federal clients in a cloud-hosted environment.
Key Job Details
Role:Application Security Engineer Location: Multiple Locations See All Bethesda Durham Category:Consulting Employment Type:Full-Time Travel Required:No Travel Contract Type:Regular Company:(0147) International Business Machines Corporation Req ID:730765BR
A career in IBM Consulting is rooted by long-term relationships and close collaboration with clients across the globe. You’ll work with visionaries across multiple industries to improve the hybrid cloud and AI journey for the most innovative and valuable companies in the world. Your ability to accelerate impact and make meaningful change for your clients is enabled by our strategic partner ecosystem and our robust technology platforms across the IBM portfolio; including Software and Red Hat.
Curiosity and a constant quest for knowledge serve as the foundation to success in IBM Consulting. In your role, you’ll be encouraged to challenge the norm, investigate ideas outside of your role, and come up with creative solutions resulting in ground breaking impact for a wide network of clients. Our culture of evolution and empathy centers on long-term career growth and development opportunities in an environment that embraces your unique skills and experience.
Your Role and Responsibilities
– Develop, configure, and maintain application security solutions tailored to client needs, including both solutions integrated in the CI/CD pipeline and solutions operating independently (eg DAST scanner). – Perform application security assessments on a regular and ad hoc basis, in order to maintain awareness of the clients risk posture and drive vulnerability remediation. – Provide subject matter expertise to client leadership, developers, SOC personnel, and other stakeholders concerning application security, including expert advice and recommendations for improving security posture, mitigating vulnerabilities, and adhering to security standards – Maintain awareness of DevSecOps best practices and drive their implementation across the client environment. – Assist with incident response
Required Technical and Professional Expertise
– Minimum 5 years of experience performing application security assessment and developing application security solutions
– Minimum 3 years experience with federal security practices and standards
– Strong understanding of DevSecOps and experience integrating security controls into CI/CD pipeline.
– CISSP, CEH or equivalent certifications
– Ability to analyze complex security issues and provide appropriate solutions or recommendations.
– Strong communication skills, both written and verbal, with the ability to convey technical concepts to non-technical stakeholders.
Preferred Technical and Professional Expertise
– Experience working with FedRAMP (Federal Risk and Authorization Management Program) compliance standards.
– Familiarity with NIST (National Institute of Standards and Technology) guidelines, including NIST SP 800-53 and NIST Cybersecurity Framework (CSF).
– Knowledge of other security frameworks such as CIS Controls or ISO 27001.
– Previous experience working with Federal clients in a cloud-hosted environment.
Key Job Details
Role:Application Security Engineer Location: Multiple Locations See All Bethesda Durham Category:Consulting Employment Type:Full-Time Travel Required:No Travel Contract Type:Regular Company:(0147) International Business Machines Corporation Req ID:730765BR
Projected Minimum Salary:$131,750 per year Projected Maximum Salary:$131,750-$155,000/year per year Date Posted:October 6, 2024
Job stats:
1
1
0
Categories:
AppSec Jobs
Security Engineering Jobs
Tags: Application security CEH CI/CD CISSP Cloud Compliance DAST DevSecOps FedRAMP Incident response ISO 27001 NIST NIST 800-53 Red Hat Security assessment SOC Vulnerabilities
Perks/benefits: Career development
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.
Senior Security Analyst jobsInformation System Security Officer jobsSenior Cloud Security Engineer jobsInformation Security Manager jobsInformation Security Specialist jobsSenior Cybersecurity Engineer jobsSenior Network Security Engineer jobsSecurity Consultant jobsIT Security Engineer jobsCyber Security Specialist jobsSenior Penetration Tester jobsSecurity Specialist jobsSenior Information Security Analyst jobsSenior Cyber Security Engineer jobsChief Information Security Officer jobsSystems Engineer jobsSystems Administrator jobsInformation System Security Officer (ISSO) jobsSenior Product Security Engineer jobsCloud Security Architect jobsIT Security Analyst jobsPrincipal Security Engineer jobsStaff Security Engineer jobsSecurity Operations Analyst jobsCybersecurity Specialist jobs
DevSecOps jobsKubernetes jobsEncryption jobsPowerShell jobsIDS jobsSplunk jobsSaaS jobsEDR jobsSDLC jobsIPS jobsRMF jobsSQL jobsTop Secret jobsIntrusion detection jobsBash jobsCompTIA jobsThreat detection jobsITIL jobsFinance jobsOWASP jobsDoDD 8570 jobsCRISC jobsDocker jobsActive Directory jobsBanking jobs
UNIX jobsTCP/IP jobsVPN jobsGIAC jobsTerraform jobsSANS jobsClearance Required jobsIT infrastructure jobsHIPAA jobsSOX jobsSOC 2 jobsOSCP jobsCISO jobsIndustrial jobsJavaScript jobsCCSP jobsData Analytics jobsDNS jobsSOAR jobsPolygraph jobsJira jobsAnsible jobsMITRE ATT&CK jobsCyber defense jobsGCIH jobs