Technical Security Engineer

Introduction
At IBM work is more than a job – it’s a calling: To build. To design. To code. To consult. To think along with clients and sell. To make markets. To invent. To collaborate. Not just to do something better but to attempt things you’ve never thought possible. Are you ready to lead in this new era of technology and solve some of the world’s most challenging problems? If so lets talk.

Your Role and Responsibilities
We are looking for a Technical Security Software Engineer who is a self-starter quick learner and who enjoys working in a challenging fast paced environment.  Our patented Emmy® award-winning FASP™ protocol is at the core of next-generation transport technologies that move the world’s data at maximum speed regardless of file size transfer distance and network conditions.

This individual must have a detailed understanding of security in cloud-based distributed SaaS environments as well as on-premise customer managed installations.

This individual will be responsible for collaborating with multiple cross-functional teams to manage security reviews threat models penetration testing authentication authorization and encryption strategies for microservice based cloud architectures as well as single machine applications and just about everything else in-between.

This individual will also be responsible for implementing and addressing the security issues in the Aspera products whether it’s implementing a new security fea

Required Technical and Professional Expertise

• 6+ years of Good programming knowledge in languages like Ruby or Golang
• In-depth knowledge of common vulnerabilities (e.g. SQL Injection XSS CSRF) Session/Cookie management
• CVE management lifes cycle
• Experience with CI/CD pipelines and tools like Jenkins Docker and Kubernetes.
• Understanding of encryption algorithms secure key management and protocols like TLS/SSL.
• Skills in identifying and remediating security vulnerabilities within applications and infrastructure.
• Knowledge of securing RESTful APIs handling authentication and authorization using Oauth JWT.

Preferred Technical and Professional Expertise

• Security architecture in distributed cloud environments.
• Cryptography.
• Threat Assessment.
• Security Design and Review process.
• Ability to convey complex ideas to technical and non-technical audiences.
• Attention to details