IBM Cloud Security Architect in LITTLETON, Massachusetts

Job Description

We are currently seeking a Cloud Security Architect to join our Information Security and Compliance team in IBM Cloud Lab, Littleton, MA. In this role, you are responsible for the design of IBM Cloud technical security architecture, advises on IBM Cloud global technical Cloud Security architecture and provides technical input across all IT service portfolios.

  • Works with the IBM Cloud Information Security and Compliance team to establish and document requirements and provide technical solutions and/or alternatives that meet the requirements.

  • Identifies security requirements by researching and analyzing needs, the IBM Cloud’s objectives and organizational capabilities.

  • Develops designs for the security architecture by understanding IBM Cloud, Cloud security, compliance and privacy strategies; envisioning the architectural scheme and formalizing into reference architectures that can be implemented and integrated into the IBM Cloud network.

  • Collection and validation of requirements.

  • Identification of risks, threats, vulnerabilities, potential anomalous flows and interactions.

  • Definition of the security processes for assurance, management and compliance.

  • Definition of security subsystems.

  • Design of integration and deployment architectures for security in Networks, Infrastructure, Middleware, Applications and depending on the area of work, the Security Architect may perform evaluation and selection of the components, design of hardware, software, process and service components of the solution, assurance of deployment architectures, and guide secure engineering practices in development.

  • Independent development of written technical designs and solutions that respond to IBM Cloud Information Security and Privacy policies, standards and documented requirements

  • Preform Vulnerability Scanning and Malware Analysis

  • Independent development of architectural and workflow diagrams depicting the technical Cloud security architecture and processes needed to meet solution recommendations

  • Assess, monitor and recommend improvements to the global IBM Cloud, Cloud security architecture based on improving practitioner productivity, reducing risk, and balancing costs

  • Defines and documents the Cloud business and technical security architecture for solutions, ensuring that they match internal and external customer requirements.

  • Documents externally defined business and technical requirements as they pertain to security, privacy and compliance

  • Defines the approved reference IBM Cloud security architecture that is used to provide the blueprint for delivered solutions

  • Documents solutions that respond to requirements with defensible explanations of how and why certain technologies and methodologies were chosen

  • Documents the expected service level(s) for the solution in accordance with defined requirements

  • Forecasts and estimates various performance, capacity and operational thresholds based on vendor data, research and development, and testing / piloting to ensure the ability to meet the established service level

  • Defines the tasks, processes and procedures necessary to implement, maintain support, and monitor the proposed solution

  • Documents and presents Cloud security architecture for new services to leadership.

  • Collaborates with the IBM Cloud Information Security and compliance team to develop IBM Cloud global Cloud security architecture and maturity standards. Monitors and reports on adherence and recommends improvements.

  • Performs technology assessments to enhance and/or support new and existing IT systems and security services

  • Assists the IBM Cloud Information Security and compliance team in performance of gap analysis to identify architectural risks in the enterprise and provides recommendations for remediation

  • Works with the IBM Cloud Information Security and Compliance team, and others, to develop roadmaps for the next generation Cloud security technology solutions for assigned portfolio’s and develops plans, methodologies and timelines to get there

  • Identifies, troubleshoots, and resolves chronic and complex IT Problems

  • Performs analysis to determine the root cause

  • Utilizes an evidentiary based approach to troubleshooting and documenting the troubleshooting effort, root cause and recommendations

  • Reviews, audits and evaluates Cloud security solutions and designs

  • Reviews proposed designs for appropriate compliance with established standards

  • Proactively identifies technical and architectural risks, commenting and/or providing alternatives for improvement

  • Reviews to ensure use of best practices and in compliance with security framework like ISO2700x, PCI, HIPAA, NIST, CSA.

Additional Responsibilities:

  • Assists the Cloud Network team in performing security design, analysis and recommendation for a wide variety of IT systems and technologies

  • Assisted IBM Cloud team’s with technical issues.

  • Provides supports to the IT security systems administration and architecture development team, including monitoring and capacity planning.

  • Remains up to date on current and new Cloud technologies to determine relevancy and applicability

  • Generates and maintains metrics for trending.

  • Analyzes and maintains performance data to monitor usage and optimization of the Cloud architecture.

  • Responsible for the execution and maintenance of:

  • Operational Calendars

  • Use and compliance with IBM Cloud’s Change Management Control Process

  • Use and compliance with the Systems Development Life Cycle (SDLC) standards when developing solutions.

  • Proactively engages management as necessary to resolve issues and ensure awareness of potential dangers to the environment.

  • Daily time entry to record time.

  • Support other IT staff with open and unresolved issues.

  • Provides on-call support via cell-phone 24 x 7.

  • Take on responsibilities as a backup or alternate for other IT security staff.

  • Cover and resolve any outstanding Service Desk related issues in an effort to help all IT members resolve tickets as quickly and efficiently as possible.

Required Technical and Professional Expertise

Required Skills

  • 10+ Years’ experience in the design and operation of Information Security and Cloud Security architecture

  • Certified Information Systems Security Professional, (SANS/GIAC GCIA, CISSP)

  • Experience designing and implementing Cloud security technologies, including encryption and access controls / monitoring

  • Application Security development skills

  • SME programming and Scripting skills in GO, Python, Java

  • Experience performing design of integration and deployment architectures for security in Networks, Infrastructure, Middleware and applications.

  • Experience performing evaluation and selection of the Security components, design of hardware, software, process and service components.

  • Experience performing assurance of deployment architectures, and guide secure engineering practices in development.

  • Independent development of written technical designs and solutions that respond to Genesis Information Security and Privacy policies, standards and documented requirements

Preferred Tech and Prof Experience

Preferred Skills

  • Current information security certifications from SANS and Cisco.

  • Working knowledge of industry security frameworks (e.g. ISO2700x, NIST, HIPAA, and Cloud Security Alliance)

  • Vulnerability Scanning (Nessus, SecurityCenter, AppScann)

  • SIEM/Network/IDS Experience (QRadar, Splunk, Nmap)

  • Programming and Scripting Experience

  • Malware Analysis

  • Excellent communication skills and problem solving

  • Demonstrated ability to work independently and cross-functionally in a matrixed environment.

  • Experience performing design of integration and deployment architectures for security in Cloud systems.

  • Ability to manage the details of compliance with policies, standards and industry frameworks

  • Ability to effectively communicate and coordinate with senior business management and peers.

  • Strong business and technical process design and documentation skills.

  • Possesses a high level of technical/functional expertise and knowledge.

  • Industry expertise with best practices, standards, and technology.

EO Statement

IBM is committed to creating a diverse environment and is proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, or veteran status. IBM is also committed to compliance with all fair employment practices regarding citizenship and immigration status.