Security Engineer - Threat Detection Response & Intelligence

Introduction
At IBM work is more than a job – it’s a calling: To build. To design. To code. To consult. To think along with clients and sell. To make markets. To invent. To collaborate. Not just to do something better but to attempt things you’ve never thought possible. Are you ready to lead in this new era of technology and solve some of the world’s most challenging problems? If so lets talk.

Your Role and Responsibilities
In this role you’ll work in one of our IBM Consulting Client Innovation Centers (Delivery Centers) where we deliver deep technical and industry expertise to a wide range of public and private sector clients around the world.​ Our delivery centers offer our clients locally based skills and technical expertise to drive innovation and adoption of new technology.
A career in IBM Consulting embraces long-term relationships and close collaboration with clients across the globe.
You’ll work with visionaries across multiple industries to improve the hybrid cloud and AI journey for the most innovative and valuable companies in the world. Your ability to accelerate impact and make meaningful change for your clients is enabled by our strategic partner ecosystem and our robust technology platforms across the IBM portfolio; including IBM Software and Red Hat.
Curiosity and a constant quest for knowledge serve as the foundation to success in IBM Consulting. In your role you’ll be encouraged to challenge the norm investigate ideas outside of your role and come up with creative solutions resulting in ground breaking impact for a wide network of clients. Our culture of evolution and empathy centers on long-term career growth and development opportunities in an environment that embraces your unique skills and experience.

Required Technical and Professional Expertise

• Security Architecture: Design and develop security architectures for complex systems ensuring they meet security requirements and standards.
• Solution Design: Collaborate with project teams to integrate security controls into the overall solution architecture during the design phase.
• Risk Management: Assess security risks and provide guidance on risk mitigation strategies to project teams and management.
• Security Guidance: OUer expert advice and guidance on security best practices emerging threats and security tools.
• Security Reviews: Conduct security reviews and audits of systems applications and infrastructure to identify vulnerabilities and recommend remediation actions.
• Security Documentation: Create and maintain security architecture documentation including diagrams policies standards and procedures.
• Incident Response: Participate in incident response activities providing expertise in analyzing security incidents and implementing response measures.
• Training and Awareness: Educate staU on security policies procedures and best practices to promote a culture of security awareness.
• Technology Evaluation: Evaluate new and emerging security technologies and products making recommendations for their adoption based on organizational needs.
• Compliance and Governance: Ensure solutions comply with relevant regulatory and legal requirements as well as internal security policies and standards.

Preferred Technical and Professional Expertise

• Perform architecture security reviews and provide defense in depth controls and consulting on securing SaaS PaaS or IaaS cloud services.
• Collaborate with other Security Architects on design develop research and implement security architectures and process enhancements – Working knowledge of information security controls guidelines and standards (e.g. ISO27000 series OWASP CSA CCM CIS 20 Critical Security Controls SOC 2 and NIST).
• Technical expertise throughout the software development lifecycle including design implementation and delivery (DevOps processes in a Cloud environment). Professional experience with modern technologies such as public and hybrid cloud (IBM AWS GCP Azure etc.) containerization and orchestration (Kubernetes) & microservice architectures.