IBM Cloud Security Engineer in New York, New York

The shift toward the consumption of IT as a service, i.e., the cloud, is one of the most important changes to happen to our industry in decades. At IBM, we are driven to shift our technology to an as-a-service model and to help our clients transform themselves to take full advantage of the cloud. With industry leadership in analytics, security, commerce, and cognitive computing and with unmatched hardware and software design and industrial research capabilities, no other company is as well positioned to address the full opportunity of cloud computing. We are looking for a Cloud Security Engineer to sit in either Austin, TX or Boston, MA to join our Information Security and Compliance team which is part of our Cloud Innovation Lab team. In this role, you are responsible for the design of Genesis Cloud technical security architecture, advises on Genesis global technical Cloud Security architecture and provides technical input across all IT service portfolios. Responsibilities:

  • Working with the Genesis Information Security and Compliance team to establish and document requirements and provide technical solutions and/or alternatives that meet the requirements

  • Development of written technical designs and solutions that respond to Genesis Information Security and Privacy policies, standards and documented requirements

  • Performing Vulnerability Scanning and Malware Analysis

  • Assessing, monitoring and recommending improvements to the global Genesis Cloud security architecture based on improving practitioner productivity, reducing risk, and balancing costs

  • Defining the tasks, processes and procedures necessary to implement, maintain support, and monitor the proposed solution

  • Collaborating with the Genesis Information Security and compliance team to develop Genesis global Cloud security architecture and maturity standards. Monitors and reports on adherence and recommends improvements

  • Working with the Genesis Information Security and Compliance team, and others, to develop roadmaps for the next generation Cloud security technology solutions for assigned portfolio’s and develops plans, methodologies and timelines to get there

  • Performing analysis to determine the root cause

  • Reviewing, auditing and evaluating Cloud security solutions and designs

  • Proactively identifying technical and architectural risks, commenting and/or providing alternatives for improvement

  • Reviewing to ensure use of best practices and in compliance with security framework like ISO2700x, PCI, HIPAA, NIST, CSA

Additional Responsibilities Include:

  • Remaining up to date on current and new Cloud technologies to determine relevancy and applicability

  • Generating and maintain metrics for trending

  • Analyzing and maintaining performance data to monitor usage and optimization of the Cloud architecture

  • Responsible for execution and maintenance of:

  • Use and compliance with Genesis’s Change Management Control Process

  • Use and compliance with the Systems Development Life Cycle (SDLC) standards when developing solutions

The Cloud Security Engineer should possess the following:

  • Excellent communication and problem solving skills

  • Demonstrated ability to work independently and cross-functionally in a matrixed environment

  • Ability to manage the details of compliance with policies, standards and industry frameworks

  • Ability to effectively communicate and coordinate with senior business management and peers

  • Strong business and technical process design and documentation skills

  • Possesses a high level of technical/functional expertise and knowledge

  • Industry expertise with best practices, standards, and technology

  • Ability to understand and apply policies and procedures

  • At least 10+ years’ experience in the design and operation of Information Security and Cloud Security architecture

  • Experience designing and implementing Cloud security technologies, including encryption and access controls / monitoring

  • Application Security development skills

  • Programming and Scripting skills (Python, Java)

  • Experience performing Malware Analysis

  • Certified Information Systems Security Professional, (SANS/GIAC GCIA, CISSP)

Cloud Top