Security Architect
Company
IBM
Location
IN Bangalore
Type
Full Time
Job Description
At IBM work is more than a job – it’s a calling: To build. To design. To code. To consult. To think along with clients and sell. To make markets. To invent. To collaborate. Not just to do something better but to attempt things you’ve never thought possible. Are you ready to lead in this new era of technology and solve some of the world’s most challenging problems? If so lets talk.
Your Role and Responsibilities
Be part of transparent and responsible AI innovations. Join the Software Labs to build GenAI solutions that solve complex business problems and get an opportunity to influence the future of AI.
As a Security Architect you will
• Understand strategic priorities business requirements technical requirements issues identification issue remediation and are called on to develop and articulate robust and innovative security solutions to address these all
• Provide subject matter expertise in creating implementing and maintaining enterprise security programs.
• A subject matter expert in regulatory bodies
• Responsible for the Security of services keeping in mind Data Security Network Security Infrastructure Security and Access Control.
• Drive and maintain security throughout the entire Software Development Life Cycle of Services.
• Incorporates Security and Privacy by Design in a bottom up
• Oversee Application Security Testing including Static and Dynamic Code scans (SAST/DAST) Vulnerability Assessment and Penetration Testing (VAPT) for completeness.
• Conduct Security assessments and threat modelling of Services
• Does evaluation and selection of the components design of hardware software process and service components of the solution assurance of deployment architectures and guide secure engineering practices in development.
• Own the security architecture plan while being a “hands-on” builder
• Champion an entrepreneurial mindset and deliver unique value by leveraging industry and technology expertise to drive innovative strategies to accelerate clients’ success.
Required Technical and Professional Expertise
• Fifteen years of industry experience and ten years of relevant experience
• 5+ years of experiences in building deploying and managing large scale services / platforms for Cloud Platforms and on-Prem system
• Delivering micro services at scale; designing micro services solutions
• Good understanding of real time streaming analytics and batch data processing architectures.
• Familiarity with distributed architecture event-driven architecture.
• Python Go Lang experience (Can also have Java Scala Rust)
• Container orchestration performance and security (Kubernetes / Docker)
• DevSecOps practices
• Experience with one or more of the following: NoSQL Databases (eg: Cassandra Mongo) Columnar Databases (eg RedShift Snowflake) Search Engines (eg Elastic Search) Spark Hadoop.
• Sound understanding of data science concepts model development & performance tuning processes as well as coding version control and CI/CD best practices
• 2+ years UI Development experience using React (Can also have angular)
• Scripting languages like Python JavaScript shell
• Release Engineering (Git Branching versioning tagging) and experience with Agile software development
• CI/CD tooling (Preferred ArgoCD Tekton)
• 1+ years experience with one or more of these Monitoring tools: Sysdig Zabbix Grafana Prometheus ELK etc..
• Experience with one or more automation and configuration management tools/solutions: Ansible Terraform Salt Chef python bash puppet Rundeck etc.
• Working knowledge of Compute Network Storage and Virtualization technologies
• Excellent verbal and written communication skills
• Highly responsible motivated follow / establish development practices and able to work with little direction
Preferred Technical and Professional Expertise
The right candidate should have more than three CORE and OPTIONAL skills.
• CORE: Linux system administration experience 6+ years.
• CORE: Linux container experience Kubernetes Docker any LXC based technologies 4+ years
• CORE: 3+ years with any Regulatory bodies or regulatory frameworks ISO27001 FinRA/FFIEC HiTrust HIPAA NIST 800-53 GDPR FedRAMP PCI-DSS and EBA
• CORE: Applied experience with application security modeling to include threat modeling and identification of attack vectors – 3+ years
• CORE: Red Team (White hat) pen tester team experience – 4+ years
DevSecOps or DevOps area:
• CORE: Applied experience with application security & threat modeling to include threat modeling and identification of attack vectors – 2+ years
• CORE: Red Team (White hat) pen tester team experience – 2+ years
• CORE: Web application development experience with Javascript Java (J2EE) Golang – 2+ years (combined across these languages)
• CORE: Web API experience writing and interacting with REST or SOAP API interfaces – 3+ years
• CORE: Security Architecture Design and Review of Architecture threat modelling 6+Years
• OPTIONAL: Patching and benchmarking (CIS L1 for example) automation via in-house scripting or enterprise tooling
• OPTIONAL: Secure Image (CIS images for example) use and automation for example secure boot network boot from images image deployment and refresh etc.
• OPTIONAL: years of Software defined Networking experience Openflow ONUS or any of the vendor implementations (Calico Beacon OpenDaylight Open vSwitch etc)
• OPTIONAL: Experience as an admin or superuser on Security Tools such as: SIEMs SOAR platforms vulnerability scanning DAST SAST Privileged ID mgmt. AuthZ solutions enterprise logging analysis EDR any zero trust tools (otherwise known as trusted execution or application whitelisting)
• OPTIONAL: experience with provisioning & provision automation in AWS Azure IBM Cloud Oracle or Google Cloud (experience can be with compute nodes storage database any of the “as a Service” offerings integration with on-prem systems for Hybrid cloud or bare metal systems)
• OPTIONAL: Experience with secure coding practices and testing to prevent and avoid attacks such as http state handling XSS OWASP Top 10 ZAP etc.
• OPTIONAL: Attack vector/pen testing tools experience (Kali Cobalt Strike Nmap BurpSuite etc.)
• OPTIONAL: Strong experience with scripting languages such as Python Ruby Bash Typescript etc.
• OPTIONAL: Web developer front end experience REACT Angular bootstrap or similar
• OPTIONAL: Regulatory bodies or regulatory frameworks ISO27001 FinRA/FFIEC HiTrust HIPAA NIST 800-53 GDPR FedRAMP PCI-DSS and EBA
Date Posted
10/21/2024
Views
0
Similar Jobs
Major Account Manager - Arista Channels
Views in the last 30 days - 0
Arista Networks is a leading company in datadriven clienttocloud networking known for its innovation in cloud computing AI and softwaredefined network...
View DetailsHR Recruiter - Milestone Business Solutions Inc.
Views in the last 30 days - 0
Milestone is seeking an experienced HR Recruiter for a fully remote position within EST or CST time zones The ideal candidate should have at least 3 y...
View DetailsTerritory Manager - Fortune Brands Home & Security
Views in the last 30 days - 0
Fortune Brands Innovations Inc is a leading innovation company focused on creating smarter safer and more beautiful homes They aim to elevate every li...
View DetailsTechnical Lead - Aleph Beta
Views in the last 30 days - 0
Eitan the current Technical Lead at Aleph Beta is stepping down due to personal reasons He is taking responsibility to find his successor actively sea...
View DetailsData Engineer (GIS experience preferred) - Novabyte Solutions
Views in the last 30 days - 0
The job posting is for a remote Data Engineer position The successful candidate will develop and optimize data systems initially focusing on geospatia...
View DetailsBusiness Architect - Onebridge
Views in the last 30 days - 0
Onebridge a highlyrated consulting firm is seeking a skilled Business Architect The role involves bridging the gap between business goals and technica...
View Details