We are currently seeking a Cloud Security Engineer to join our Information Security and Compliance team in IBM Cloud Lab, Austin TX. In this role you are responsible for the design of Genesis Cloud technical security architecture, advises on Genesis global technical Cloud Security architecture and provides technical input across all IT service portfolios.
Works with the Genesis Information Security and Compliance team to establish and document requirements and provide technical solutions and/or alternatives that meet the requirements.
Independent development of written technical designs and solutions that respond to Genesis Information Security and Privacy policies, standards and documented requirements
Preform Vulnerability Scanning and Malware Analysis
Independent development of architectural and workflow diagrams depicting the technical Cloud security architecture and processes needed to meet solution recommendations
Assess, monitor and recommend improvements to the global Genesis Cloud security architecture based on improving practitioner productivity, reducing risk, and balancing costs
Documents externally defined business and technical requirements as they pertain to security, privacy and compliance
Documents solutions that respond to requirements with defensible explanations of how and why certain technologies and methodologies were chosen
Documents the expected service level(s) for the solution in accordance with defined requirements
Forecasts and estimates various performance, capacity and operational thresholds based on vendor data, research and development, and testing / piloting to ensure the ability to meet the established service level
Defines the tasks, processes and procedures necessary to implement, maintain support, and monitor the proposed solution
Collaborates with the Genesis Information Security and compliance team to develop Genesis global Cloud security architecture and maturity standards. Monitors and reports on adherence and recommends improvements.
Performs hands on technology assessments to enhance and/or support new and existing IT systems and security services
Assists the Genesis Information Security and compliance team in performance of gap analysis to identify architectural risks in the enterprise and provides recommendations for remediation
Performs hands on analysis to determine the root cause
Utilizes an evidentiary based approach to troubleshooting and documenting the troubleshooting effort, root cause and recommendations
Reviews proposed designs for appropriate compliance with established standards
Proactively identifies technical and architectural risks, commenting and/or providing alternatives for improvement
Reviews to ensure use of best practices and in compliance with security framework like ISO2700x, PCI, HIPAA, NIST, CSA.
Assists the Cloud Network team in performing security design, analysis and recommendation for a wide variety of IT systems and technologies
Assisted Genesis Cloud teams with technical issues
Provides hands on supports to the IT security systems administration, IR team, and architecture development team, including monitoring and capacity planning.
Remains up to date on current and new Cloud technologies to determine relevancy and applicability
Generates and maintains metrics for trending.
Analyzes and maintains performance data to monitor usage and optimization of the Cloud architecture.
Responsible for the execution and maintenance of:
Use and compliance with Genesis’s Change Management Control Process
Use and compliance with the Systems Development Life Cycle (SDLC) standards when developing solutions.
Proactively engages management as necessary to resolve issues and ensure awareness of potential dangers to the environment.
Daily time entry to record time.
Support other IT staff with open and unresolved issues.
Provides on-call support via cell-phone 24 x 7.
Take on responsibilities as a backup or alternate for other IT security staff.
Cover and resolve any outstanding Service Desk related issues in an effort to help all IT members resolve tickets as quickly and efficiently as possible.
8+ Years’ experience in the design and operation of Information Security and Cloud Security architecture
Certified Information Systems Security Professional, (SANS/GIAC GCIA and/or CISSP)
Experience designing and implementing Cloud security technologies, including encryption and access controls / monitoring
Application Security development skills
Programming and Scripting skills (Python, Java)
Experience performing Malware Analysis
High level certification in relevant technology areas
Bachelor’s in Technology, Information Technology
IBM is committed to creating a diverse environment and is proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, or veteran status. IBM is also committed to compliance with all fair employment practices regarding citizenship and immigration status.