At IBM, work is more than a job - it's a calling: To build. To design. To code. To consult. To think along with clients and sell. To make markets. To invent. To collaborate. Not just to do something better, but to attempt things you've never thought possible. Are you ready to lead in this new era of technology and solve some of the world's most challenging problems? If so, lets talk.
Your Role and Responsibilities
Enjoy challenges? Big challenges? Come work for the office of the IBM CISO organization and help meet the global challenges of keeping one of the largest companies in the world secure. We're looking for enthusiastic and innovative team members to join us.
This position is in the existing vulnerability management squad. The ideal candidate will possess a strong technical and security background with an emphasis on supporting enterprise security applications and services; mainly identifying, managing and reducing vulnerabilities. He / She will work within a fast paced, Agile environment collaborating with cybersecurity architects and technology teams across IBM CISO and business units to implement and support next generation security solutions.
Essential Job Duties:
Perform comprehensive vulnerability assessments and continuous monitoring across the organization.
Manage the entire lifecycle of vulnerabilities from discovery, triage, advising, remediation, and validation.
Work with different business units to perform vulnerability assessments on systems or applications before go live rollouts.
Triage patch Tuesday releases and make recommendations on required remediations.
Examine systems and applications to assess the current security posture.
Manage vulnerability related tickets to ensure issues are remediated within proper timelines.
Create standards and procedures for prioritizing vulnerabilities
Create and socialize procedures for reporting vulnerabilities to the correct individuals/teams
Analyze false positives and provide guidance for reducing/eliminating them
Monitor and report on progress towards mitigating vulnerabilities
Vulnerability Identification and Root Cause Analysis (including awareness of current vulnerabilities and patches)
Perform analysis of findings to eliminate false positives and to aggregate findings by common weakness enumeration criteria
Required Technical and Professional Expertise
3+ years of professional experience working within a Vulnerability Management role.
Extensive experience with core vulnerability management scanners (e.g. Tenable, Rapid7, Qualys etc.).
Ability to prioritize impactful vulnerabilities and reduce noise often associated with vulnerability tools. Understanding of how to triage vulnerabilities and validate tool findings before reporting them or taking action.
Stays up to date with current vulnerabilities and vulnerability related news in various industries.
Knowledgeable of the OWASP top 10 web vulnerabilities and remediation strategies.
Technical understanding in some of the following areas: network communication using TCP/IP protocols, basic Unix and Windows system administration, basic understanding of malware and malicious system, or intermediate knowledge of computer network defense operations (proxies, firewalls, IDS/IPS, routers/switches, web app firewalls)
Preferred Technical and Professional Expertise
Scripting skills (E.g: Python, Perl, Bash, PowerShell, etc.)
Experience in Container vulnerability scanning and familiarity with tools such as Twistlock and AquaSec
Industry recognized certification from ISC2, ISACA, CSA, or SANS
About Business UnitIBM Systems helps IT leaders think differently about their infrastructure. IBM servers and storage are no longer inanimate - they can understand, reason, and learn so our clients can innovate while avoiding IT issues. Our systems power the world's most important industries and our clients are the architects of the future. Join us to help build our leading-edge technology portfolio designed for cognitive business and optimized for cloud computing.
Your Life @ IBMWhat matters to you when you're looking for your next career challenge?
Maybe you want to get involved in work that really changes the world? What about somewhere with incredible and diverse career and development opportunities - where you can truly discover your passion? Are you looking for a culture of openness, collaboration and trust - where everyone has a voice? What about all of these? If so, then IBM could be your next career challenge. Join us, not to do something better, but to attempt things you never thought possible.
Impact. Inclusion. Infinite Experiences. Do your best work ever.
About IBMIBM's greatest invention is the IBMer. We believe that progress is made through progressive thinking, progressive leadership, progressive policy and progressive action. IBMers believe that the application of intelligence, reason and science can improve business, society and the human condition. Restlessly reinventing since 1911, we are the largest technology and consulting employer in the world, with more than 380,000 IBMers serving clients in 170 countries.
Location StatementIBM offers a wide range of resources for eligible IBMers to thrive both inside and outside of work. In addition to a competitive benefits program consisting of medical and life insurance, retirement plans, and time off, eligible employees may also have access to:
*12 weeks of paid parental bonding leave. Family care options are also available to support eligible employees during COVID-19.
*World-class training and educational resources on our personalized, AI-driven learning platform. IBM's learning culture supports your restless attitude to grow your skills and build the depth and scale of knowledge needed to achieve your career goals.
*Well-being programs to support mental and physical health.
*Financial programs that empower you to plan, save, and manage your money (including expert financial counseling, 401(k), IBM stock discount, etc.).
*Select educational reimbursement opportunities.
*Diverse and inclusive employee resource groups where you can network and connect with IBMers across the globe.
*Giving and volunteer programs to benefit charitable organizations and local communities.
*Discounts on retail products, services, and experiences.
We consider qualified applicants with criminal histories, consistent with applicable law.
IBM will not be providing visa sponsorship for this position now or in the future. Therefore, in order to be considered for this position, you must have the ability to work without a need for current or future visa sponsorship.
Being You @ IBMIBM is committed to creating a diverse environment and is proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, pregnancy, disability, age, veteran status, or other characteristics. IBM is also committed to compliance with all fair employment practices regarding citizenship and immigration status.