IBM IBM Cloud Object Storage - Security Architect in CHICAGO, Illinois

Do you have a passion for leading edge technology? Are you searching for an opportunity to partner and work with intelligent and innovative colleagues? Would you thrive in a dynamic, fast-paced, entrepreneurial environment? If so, the IBM Cloud Object Storage team may be the right fit for you.The IBM Cloud Object Storage team is revolutionizing the storage industry by working to enable the world to confidently store, distribute, access and leverage unstructured content at massive scale – to accelerate digital transformation within enterprises around the world! Our cutting edge, proven technology has been recognized by a number of top analysts, most recently garnering more #1 positions than any other vendor in Gartner’s Critical Capabilities for Object Storage 31 March 2016. Our highly ambitious pursuits are fueled primarily by the stellar people we hire. We look for bright people who are passionate and dedicated team players.The Security Architect will be part of the Development Systems Engineering team, responsible for ensuring the architectural integrity and successful delivery of a scalable object storage platform. The Security architect is responsible for ensuring IBM Cloud Object Storage products and services are secure and provide key security-related functionality for end users and developers. This includes analyzing security requirements to identify needs for architectural changes, standard protocol adoption or innovation where industry standards trail emerging security requirements in large cloud deployments. The Security Architect will collaborate with product management and development to set clear requirements for security features. The Security Architect must possess an understanding of how security requirements can impact various functional areas of the architecture to assure smooth operation of the system.Successful candidates must possess detailed knowledge of how to secure cloud deployments at the Network, OS and Application Layer. A working knowledge of IDM solutions, such as Keystone, is required. The candidate should be capable of designing Federated Identity Management solutions that interoperate across security domains. Candidates must be capable of designing robust solutions and auditing implementations to recognize where sensitive data might be exposed. An understanding of AWS authentication and the Barbican API is also desired in the candidate.Candidates should be familiar with how to design auditable systems that support both real-time and post incident forensic analysis. As active members of multi-disciplined feature teams, the Security Architect is responsible for providing technical guidance throughout the development cycle to ensure successful product delivery.Role description:

  • Work closely with the Offering Management and Technology teams to identify and define new security features that align with and support the company’s overall business drivers and strategic direction.

  • Ability to communicate importance of security requirements and help the organization understand the need to balance security features with other customer features.

  • Ability to design security features in a way that does not interrupt the work flow of end users and can scale to large deployments.

  • Ability to develop threat models against architectures to drive requirements for preventing successful attacks of fielded product.

  • Define the conceptual architecture and do trade off analysis between the available architecture and design options using rapid prototyping approaches.

  • Decompose large projects into manageable features to enable incremental delivery of customer value in an Agile environment.

  • Lead the process of scoping the work required for new features with an understanding of the capabilities of various teams.

  • Create and refine effort estimates as new information emerges to support the feature commitment process.

  • Ensure architectural consistency across the system as new features are added to the product as well as anticipating the impacts of future features.

  • Actively work with developers and testers as the “hands on” Feature Architect on Feature Teams to ensure proper implementation and retirement of all requirements. This implies good coding, architecture and testing skills and the ability to apply them as a member of a team working across multiple functional areas and the ability to learn new areas of the product.

  • Investigate and resolve system level issues affecting functionality or performance.

  • Identify and develop mitigation plans for key technical risks that threaten program success.

  • Lead system level Root Cause Analysis (RCA) efforts leading to process improvements that eliminate classes of defects in the future.

  • As needed, engage with Customer Support (L2/L3) and customers to resolve critical field issues as they arise leading to improved resolution time, as well as future product and process improvements.

Required Skills:

  • Working understanding of Encryption, Authentication, and Key Management standards, including how they are implemented at the System, Application and OS level.

  • Working knowledge of Cloud Security Standards, Security Protocols and Intrusion Prevention techniques

  • Working knowledge of Identity Management protocols such as OAuth and SAML

  • 5 years writing clear and verifiable requirements

  • Root Cause Analysis

  • Debugging / solving technical problems in a local familiar and unfamiliar area

  • Knowledge of and application of data structures and algorithms to solve engineering problems

  • Tech authority: familiar with code, understands weak spots, understands underlying libraries, understands requirements and goals and inputs/outputs/interfaces of the package, authority/consultant/developer for features that affect this package.

  • Ability to learn and develop competency in unfamiliar languages or tools

  • Knowledge of distributed computing and networking principles

  • Able to integrate seemingly disparate things into a coherent picture

  • Proactive in becoming familiar with industry trends

  • Working understanding of Encryption, Authentication, and Key Management standards, including how they are implemented at the System, Application and OS level.

  • Working knowledge of Cloud Security Standards, Security Protocols and Intrusion Prevention techniques

  • Working knowledge of Identity Management protocols such as OAuth and SAML

  • 5 years writing clear and verifiable requirements

  • Root Cause Analysis

Cloud Top