Introduction

At IBM, work is more than a job - it's a calling: To build. To design. To code. To consult. To think along with clients and sell. To make markets. To invent. To collaborate. Not just to do something better, but to attempt things you've never thought possible. Are you ready to lead in this new era of technology and solve some of the world's most challenging problems? If so, lets talk.

Your Role and Responsibilities

Security architects work to understand strategic priorities, business requirements, technical requirements, issues identification, issue remediation and are called on to develop and articulate robust and innovative security solutions to address these all. Our Security Architects provide subject matter expertise in creating, implementing, and maintaining enterprise security programs.

A Security Architect is a subject matter expert in DevSecOps and/or system administration. The architect fills a critical role in the overall success of a project and are the primary source of security solution design and development. The Security Architect will work in conjunction with larger teams to deliver amazing technology solutions that delivers a secure experience and helps to build the Hybrid Cloud functionality.

The Security Architect is also a subject matter expert in regulatory bodies' cloud requirements, reviewing newly introduced regulations that impact Cloud environments worldwide. The architect must also be able to advise and, in some cases, prototype how to become compliant with these emerging security standards from differing industry regulatory bodies and national regulatory works. Experience with FedRAMP programs and certification a plus.

The Security Architect reviews the Security of Cloud services keeping in mind Data Security, Network Security, Infrastructure Security and Access Control.

The Security Architect Incorporates Security and Privacy by Design in a bottom up fashion in the Cloud Services.

The Security architect, depending on the area of work, perform evaluation and selection of the components, design of hardware, software, process and service components of the solution, assurance of deployment architectures, and guide secure engineering practices in development.

• Drive and maintain security throughout the entire Software Development Life Cycle of Services.

• Oversee Application Security Testing including Static and Dynamic Code scans (SAST/DAST), Vulnerability Assessment and Penetration Testing (VAPT) for completeness.

• Conduct Security assessments and threat modelling of Services

Required Technical and Professional Expertise

• 5+ years of experiences in building, deploying and managing large scale services / platforms for Cloud Platforms like AWS, Azure, IBM Cloud or Google Cloud.

• Delivering micro services at scale; designing micro services solutions

• Good understanding of real time streaming analytics and batch data processing architectures.

• Familiarity with distributed architecture, event-driven architecture.

• Python, Go Lang experience (Can also have Java, Scala, Rust)

• Container orchestration, performance and security (Kubernetes / Docker)

• DevSecOps practices

• Experience with one or more of the following: NoSQL Databases (eg: Cassandra, Mongo), Columnar Databases (eg RedShift, Snowflake), Search Engines (eg Elastic Search), Spark, Hadoop.

• Sound understanding of data science concepts, model development & performance tuning processes as well as coding, version control and CI/CD best practices

• 2+ years UI Development experience using React (Can also have angular)

• Scripting languages like Python, JavaScript, shell

• Release Engineering (Git Branching, versioning, tagging) and experience with Agile software development

• CI/CD tooling (Preferred ArgoCD, Tekton)

• 1+ years experience with one or more of these Monitoring tools: Sysdig, Zabbix, Grafana, Prometheus, ELK, etc..

• Experience with one or more automation and configuration management tools/solutions: Ansible, Terraform, Salt, Chef, python, bash, puppet, Rundeck, etc.

• Working knowledge of Compute, Network, Storage and Virtualization technologies

• Excellent verbal and written communication skills

• Highly responsible, motivated, follow / establish development practices and able to work with little direction

Preferred Technical and Professional Expertise

System Admin area :

• CORE: Linux system administration experience 6+ years.

• CORE: Linux container experience, Kubernetes, Docker, any LXC based technologies 4+ years

• CORE: 3+ years with any Regulatory bodies or regulatory frameworks ISO27001, FinRA/FFIEC, HiTrust, HIPAA, NIST 800-53, GDPR, FedRAMP, PCI-DSS, and EBA

• CORE: Applied experience with application security modeling to include threat modeling and identification of attack vectors - 3+ years

• CORE: Red Team (White hat) pen tester team experience - 4+ years

DevSecOps or DevOps area:

• CORE: Applied experience with application security & threat modeling to include threat modeling and identification of attack vectors - 2+ years

• CORE: Red Team (White hat) pen tester team experience - 2+ years

• CORE: Web application development experience with Javascript, Java (J2EE), Golang - 2+ years (combined across these languages)

• CORE: Web API experience, writing and interacting with REST or SOAP API interfaces - 3+ years

• CORE: Security Architecture, Design and Review of Architecture, threat modelling 6+Years

Preferred Skills :

• OPTIONAL: Patching and benchmarking (CIS L1 for example) automation via in-house scripting or enterprise tooling

• OPTIONAL: Secure Image (CIS images for example) use and automation, for example secure boot, network boot from images, image deployment and refresh, etc.

• OPTIONAL: years of Software defined Networking experience, Openflow, ONUS, or any of the vendor implementations (Calico, Beacon, OpenDaylight, Open vSwitch, etc)

• OPTIONAL: Experience as an admin or superuser on Security Tools such as: SIEMs, SOAR platforms, vulnerability scanning, DAST, SAST, Privileged ID mgmt., AuthZ solutions, enterprise logging analysis, EDR, any zero trust tools (otherwise known as trusted execution or application whitelisting),

• OPTIONAL: experience with provisioning & provision automation in AWS, Azure, IBM Cloud, Oracle, or Google Cloud (experience can be with compute nodes, storage, database, any of the 'as a Service' offerings, integration with on-prem systems for Hybrid cloud, or bare metal systems)

• OPTIONAL: Experience with secure coding practices and testing to prevent and avoid attacks, such as, http state handling, XSS, OWASP Top 10, ZAP, etc.

• OPTIONAL: Attack vector/pen testing tools experience (Kali, Cobalt Strike, Nmap, BurpSuite, etc.)

• OPTIONAL: Strong experience with scripting languages such as Python, Ruby, Bash, Typescript, etc.

• OPTIONAL: Web developer front end experience REACT, Angular, bootstrap, or similar

• OPTIONAL: Regulatory bodies or regulatory frameworks ISO27001, FinRA/FFIEC, HiTrust, HIPAA, NIST 800-53, GDPR, FedRAMP, PCI-DSS, and EBA

About Business UnitIBM Systems helps IT leaders think differently about their infrastructure. IBM servers and storage are no longer inanimate - they can understand, reason, and learn so our clients can innovate while avoiding IT issues. Our systems power the world's most important industries and our clients are the architects of the future. Join us to help build our leading-edge technology portfolio designed for cognitive business and optimized for cloud computing.

This job requires you to be fully COVID-19 vaccinated prior to your start date and proof of vaccination status will be required before your start date. During the Onboarding process you will be asked to confirm your vaccination status, in case you are unable to get vaccinated for any reason, you can let us know at that stage. Please let us know if you are unable to be vaccinated due to medical or religious reasons. IBM will consider such requests on a case by case basis subject to submission of required proof by the candidate before a stipulated date.

Your Life @ IBMIn a world where technology never stands still, we understand that, dedication to our clients success, innovation that matters, and trust and personal responsibility in all our relationships, lives in what we do as IBMers as we strive to be the catalyst that makes the world work better.

Being an IBMer means you'll be able to learn and develop yourself and your career, you'll be encouraged to be courageous and experiment everyday, all whilst having continuous trust and support in an environment where everyone can thrive whatever their personal or professional background.

Our IBMers are growth minded, always staying curious, open to feedback and learning new information and skills to constantly transform themselves and our company. They are trusted to provide on-going feedback to help other IBMers grow, as well as collaborate with colleagues keeping in mind a team focused approach to include different perspectives to drive exceptional outcomes for our customers. The courage our IBMers have to make critical decisions everyday is essential to IBM becoming the catalyst for progress, always embracing challenges with resources they have to hand, a can-do attitude and always striving for an outcome focused approach within everything that they do.

Are you ready to be an IBMer?

About IBMIBM's greatest invention is the IBMer. We believe that through the application of intelligence, reason and science, we can improve business, society and the human condition, bringing the power of an open hybrid cloud and AI strategy to life for our clients and partners around the world.

Restlessly reinventing since 1911, we are not only one of the largest corporate organizations in the world, we're also one of the biggest technology and consulting employers, with many of the Fortune 50 companies relying on the IBM Cloud to run their business.

At IBM, we pride ourselves on being an early adopter of artificial intelligence, quantum computing and blockchain. Now it's time for you to join us on our journey to being a responsible technology innovator and a force for good in the world.

Location StatementWhen applying to jobs of your interest, we recommend that you do so for those that match your experience and expertise. Our recruiters advise that you apply to not more than 3 roles in a year for the best candidate experience.

For additional information about location requirements, please discuss with the recruiter following submission of your application.

Being You @ IBMIBM is committed to creating a diverse environment and is proud to be an equal-opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, gender, gender identity or expression, sexual orientation, national origin, caste, genetics, pregnancy, disability, neurodivergence, age, veteran status, or other characteristics. IBM is also committed to compliance with all fair employment practices regarding citizenship and immigration status.