Security Tech Lead
Bangalore, IN
IBM
For more than a century, IBM has been a global technology innovator, leading advances in AI, automation and hybrid cloud solutions that help businesses grow.At IBM, work is more than a job – it’s a calling: To build. To design. To code. To consult. To think along with clients and sell. To make markets. To invent. To collaborate. Not just to do something better, but to attempt things you’ve never thought possible. Are you ready to lead in this new era of technology and solve some of the world’s most challenging problems? If so, lets talk.
Your Role and Responsibilities
The IBM Sustainability Software team is looking for a technical, talented, innovative and enthusiastic Security and Compliance Tech Lead to lead and drive compliance, security awareness, training, applying best practices for secured development. Security is something that every development team needs to incorporate into every phase of their product development life cycle and the Security and Compliance Focal is expected to ensure security is built into the design, planning, implementation, and execution of our products.
The Security and Compliance Tech Lead should continuously consider the attack vectors and security weaknesses within the product offering and provide solutions to remediate those weaknesses. Should be Technical with understanding of Micro-services architecture, SaaS, Cloud Security and Infrastructure; Must collaborate with all stakeholders to drive security solutions; Must possess a growth mindset to keep up with the changing security landscape.
Required Technical and Professional Expertise
- Overall experience 8+ yrs with 5+ yrs of working experience with designing/building SaaS offerings and 3+ yrs as a security technical lead
- Domain expertise in cloud software and infrastructure technologies.
- Very good understanding in penetration testing methodologies and exploits (web apps, containers, APIs, databases, operating systems, cloud technologies, etc).
- Ability to communicate highly technical aspects to Executives, IT staffs, CISO team, auditors.
- Experience with various scripting languages (Shell, Python, Bash, etc.).
- Familiarity with OWASP Top Ten, NIST, CIS and MITRE ATT&CK
- Demonstrated experience in successful driving & execution of compliance programs for common IT security stds/regulations.
- Access Management – understand the concepts of need to know, least privilege, individual accountability, privilege access monitoring, access revalidation, etc.
- Vulnerability Management – be able to regularly scan your systems and remediate any vulnerabilities found within required time frames
- Data Protection – understand the types of data your services deal with and have measures in place to protect that data (e.g. encryption, file permissions, etc.)
- Configuration Management – understand how to securely harden a system or application upon deployment.
Preferred Technical and Professional Expertise
- Certifications / Credentials – CISSP (preferred), CCNP/CCIE (preferred), CCSP, CISA/CRISC/CISM.
- Common Attack Patterns – know what the common attack vectors facing the industry (e.g. CWE 25 or OWASP Top 10), be able to describe an attack with an example, describe what a successful exploitation/impact looks like, and what best practice remediation is.
Key Job Details
Role:Security Tech Lead Location:Bangalore, IN Category:Software Engineering Employment Type:Full-Time Travel Required:No Travel Contract Type:Regular Company:(0063) IBM India Private Limited Req ID:731612BR
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: APIs Bash CCIE CCNP CCSP CISA CISM CISO CISSP Cloud Compliance CRISC Encryption Exploits MITRE ATT&CK Monitoring NIST OWASP Pentesting Python SaaS Scripting Vulnerabilities Vulnerability management
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.