IBM Cybersecurity Vulnerability Analyst - IBM CISO in RESEARCH TRIANGLE PARK, North Carolina
The IBM Global Chief Information Security Organization (IBM CISO) is seeking a highly self-motivated leader who is passionate about security and vulnerability management to join the dynamic IBM CISO Vulnerability Management (VM) team.
The Cybersecurity Vulnerability Analyst will implement and enhance IBM’s vulnerability management policies, standards, and processes including existing PSIRT (Product Security Incident Response Team). This role is a part of an exciting fast paced corporate security team. Security is one of IBM's critical pillars and the position offers great visibility.
In this role, you will be part of a fast-paced Agile team collaborating closely with IBM CISO VM solution engineers to drive solutions and proper vulnerability management across all business units to reduce risk to IBM and customers. Successful candidates will be innovative thinkers and possess out-of-the box thinking to improve effectiveness of security teams in an ever-changing environment.
Define and document IBM Vulnerability Management policies, standards, and processes
Manage real-time security vulnerabilities, conduct assessments, and assess vulnerability risk and impact
Lead and coordinate cross-functional teams to handle urgent security vulnerability events
Work with third-parties that report vulnerabilities and coordinate resolution
Identify, Assess, and Validate vulnerabilities with strong technical understanding of security vulnerabilities to assess impact
Manage and drive IBM asset owners to remediate their vulnerabilities within remediation timelines, determine deviations, and escalate when needed
Communicate, create, and report vulnerability status and metrics to IBM Executives and Business Unit BISOs stakeholders at all levels
Gather user requirements and influence design, development, enhancements of VM tools
Drive user community adoption of Vulnerability Management tools and provide support
Research information security trends, standards and practices to enhance vulnerability management
YOUR ABILITIES & SKILLS
Ability to identify systemic security issues based on the analysis of vulnerability and configuration data.
Ability to share meaningful insights about the context of an organization’s threat environment that improve its risk management posture.
Ability to apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).
Skilled in conducting vulnerability scans and recognizing vulnerabilities in security systems; conducting application vulnerability assessments and performing impact/risk assessments.
Ability to develop insights about the context of an organization’s threat environment
No remote opportunities exist - Must be able to work onsite in Raleigh, NC
Must have the ability to work in the US without current/future need for IBM sponsorship
Your life at IBM
Impact. Inclusion. Infinence.
Together, these themes provide the foundation of the experiences of all IBMers, and represent the value inherent in a career with IBM.
Our work is truly life changing - from helping to cure diseases, predict weather, to cleaning oceans and beyond.
Our culture of openness, collaboration, trust, invites everyone to have a voice.
Careers are made from experiences. At IBM, those experiences can be diverse, unlimited and far-reaching so you can truly discover your true passion – without ever changing the company.
Required Technical and Professional Expertise
At least 4 years experience in vulnerability management best practices, techniques, and tools.
At least 4 years experience in identifying, assessing, validating, remediating, and status reporting of vulnerabilities end to end
At least 2 years experience in defining and documenting vulnerability management policies, processes, and framework
Preferred Tech and Prof Experience
Prior experience with vulnerability management tools such as Qualys, Tenable, Rapid7, etc. and/or process management/issue tracking tools such as IBM Business Process Management (BPM), Jira, etc.
Strong leadership, collaboration, communication, and problem solving skills.
Knowledge of IT security best practices, standards, techniques
Knowledge of industry security frameworks (ISO2700x, NIST, HIPAA, Cloud Security)
Agile and DevOps methodologies
Demonstrated ability to work in a fast-paced environment with global cross-matrix teams
Certified Information Systems Security Professional (CISSP)
IBM is committed to creating a diverse environment and is proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, or veteran status. IBM is also committed to compliance with all fair employment practices regarding citizenship and immigration status.