IBM Jobs

Job Information

IBM DAS: Data and application security in Mumbai, India


Information and Data are some of the most important organizational assets in today's businesses. As a Security Consultant, you will be a key advisor for IBM's clients, analyzing business requirements to design and implement the best security solutions for their needs. You will apply your technical skills to find the balance between enabling and securing the client's organization with the cognitive solutions that are making IBM the fastest growing enterprise security business in the world.

Your Role and Responsibilities

DAS Delivery Leader is an advisor who can speak to the DAS security landscape and can communicate effectively with senior members of client management and/or executive teams. The DAS Delivery Leader should have a in-depth knowledge and experience in Data & Application Security and should be able to speak to the breadth of the security landscape as well.

If you thrive in a dynamic, reciprocal workplace, IBM provides an environment to explore new opportunities every single day. And if you relish the freedom to bring creative, thoughtful solutions to the table, there's no limit to what you can accomplish here. Responsibilities: Security Domain Knowledge:

  • AppSec (DAST/SAST), VA-PT, Mobile Security

  • Should be able to recommend remediation action for the security vulnerabilities.

  • Good understanding of OWASP top 10 and web Application security audits.

  • Familiarity with tools like Nmap, Kali Linux, Metasploit, BurpSuite, SAINT, Qualys, Nessus, Wireshark etc. Ability to assess new testing tools.

  • Ability to generate project deliverables/reports and present the findings to all the internal and external stakeholders

  • Develop testing methodologies and frameworks

  • Able to understand client requirements during the scoping and testing phase and able to make informed decisions.

  • Knowledge of any of the programming or scripting language is an added advantage

  • Data Loss Prevention (DLP)

  • Implementation experience of DLP solutions and architecture for the organization

  • Design, deploy, validate, and support effective security solutions that provide complete coverage and protection.

  • Provide support from the proof of concept phase to deployment for DLP

  • Experience with DLP process flow and Data Flow Analysis

  • Implement simplified security metrics approach that enables executive leaders to quickly take action on security related risks.

  • Develop and optimize processes to improve security threat identification and remediation

  • Maintain active understanding of industry practices for DLP improvements and incident response.

  • Database Activity Monitoring (DAM)

  • Implementation experience of DAM solutions and architecture for the organization

  • Design, deploy, validate, and support effective security solutions that provide complete coverage and protection.

  • Provide support from the proof of concept phase to deployment for DAM

  • Develop and optimize processes to improve security threat identification and remediation

  • Maintain active understanding of industry practices for DAM improvements and incident response.

Security Architecture Knowledge:

  • Set technical direction and developed solution architecture in a complex client environment

  • Used modeling techniques and provided expert advice to demonstrate how the proposed solution meets business requirements

  • Assessed technical solutions and conducted technical quality reviews

  • Developed and applied IT standards in creation of solutions

  • Selected relevant methodologies and adapted, applied and enforced their use to successfully guide the creation of work products that met requirements

  • Designed and implemented solutions to solve complex technical problems

  • Documented client requirements and architectural decisions.

  • Managed the architectural elements of a project plan

  • Defined a security solution that met the client's security requirements using IBM and industry standard procedures and tools

  • Developed the business case for the value added or realized by a technical solution project by outlining specific targets and goals


  • Provide global practice leadership by facilitating a community of likeminded practitioners to share and exchange ideas for practice growth and improvement

  • Contribute content and advice to the offering development process

  • Help shape the emerging model of the global Security practice


  • Help establish capability and skills models for the core domain

  • Become a role model for global practitioners in the core domain


Required Technical and Professional Expertise

  • Overall experience of at least 14+ years of which at least 10 years' experience in management consulting and systems integration in a top tier professional services firm

  • At least 10 years' experience working in projects related to the core domain

  • Experience working across diverse teams to facilitate solutions

  • Experience working with Security practitionersReadiness to travel 50%

  • Demonstrated communication and presentation skills

  • Effective written skills

  • Ability to research and develop new security offerings

  • Comfortable working in a project based / client serving model

  • Ability to lead and shape client expectations

  • Help drive pursuits and engage in complex deals, matching outcomes to expectations

  • Ability to work easily with diverse and dynamic teams

  • Ability to work in a matrix management model

  • Working knowledge of industry standard risk, governance and security standard methodologies

  • Expertise on skills like NIPS, WAF, SIEM, Nessus, CEH, Qualys guard, Vulnerability Assessment and Penetration Testing, Network Security, Web Application Security

  • Proven ability of incident response processes (detection, triage, incident analysis, remediation and reporting)

  • Proven attention to detail and organizational skills and ability to coordinate input and develop relevant metrics

  • Competent with Microsoft Office, e.g. Word, PowerPoint, Excel, Visio, etc.

  • Automation knowledge via RPA/Scripting (Java/Python etc)

  • Strong understanding of tool KPIs/Metrics for proper reporting/dashboarding

Preferred Technical and Professional Expertise

  • One or more security certifications: OWASP,CEH, Security+, GSEC, GCIH, etc

  • You love collaborative environments that use agile methodologies to encourage creative design thinking and find innovative ways to develop with cutting edge technologies

  • Ambitious individual who can work under their own direction towards agreed targets/goals and with creative approach to work

  • Intuitive individual with an ability to manage change and proven time management

  • Proven interpersonal skills while contributing to team effort by accomplishing related results as needed

  • Up-to-date technical knowledge by attending educational workshops, reviewing publications

About Business UnitIBM Security is helping clients develop an integrated and intelligent immune system. IBM's security portfolio provides solutions to organizations which holistically protect their people, data, applications and infrastructure.

So, if your desire is to help empower people with unmatched security while working in a supportive and engaging environment, we'd love to hear from you.

Your Life @ IBMAre you craving to learn more? Prepared to solve some of the world's most unique challenges? And ready to shape the future for millions of people? If so, then it's time to join us, express your individuality, unleash your curiosity and discover new possibilities.

Every IBMer, and potential ones like yourself, has a voice, carves their own path, and uses their expertise to help co-create and add to our story. Together, we have the power to make meaningful change - to alter the fabric of our clients, of society and IBM itself, to create a truly positive impact and make the world work better for everyone.

It's time to define your career.

About IBMIBM's greatest invention is the IBMer. We believe that through the application of intelligence, reason and science, we can improve business, society and the human condition, bringing the power of an open hybrid cloud and AI strategy to life for our clients and partners around the world.Restlessly reinventing since 1911, we are not only one of the largest corporate organizations in the world, we're also one of the biggest technology and consulting employers, with many of the Fortune 50 companies relying on the IBM Cloud to run their business. At IBM, we pride ourselves on being an early adopter of artificial intelligence, quantum computing and blockchain. Now it's time for you to join us on our journey to being a responsible technology innovator and a force for good in the world.

Location StatementWhen applying to jobs of your interest, we recommend that you do so for those that match your experience and expertise. Our recruiters advise that you apply to not more than 3 roles in a year for the best candidate experience.

For additional information about location requirements, please discuss with the recruiter following submission of your application.

Being You @ IBMIBM is committed to creating a diverse environment and is proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, pregnancy, disability, age, veteran status, or other characteristics. IBM is also committed to compliance with all fair employment practices regarding citizenship and immigration status.