IBM Computing
Security Engineer - DevSecOps
IBM Computing, Baltimore, Maryland, United States, 21276
IBM Security Engineer - DevSecOps in Baltimore, Maryland
IntroductionInformation and Data are some of the most important organizational assets in today's businesses. As a Security Consultant, you will be a key advisor for IBM's clients, analyzing business requirements to design and implement the best security solutions for their needs. You will apply your technical skills to find the balance between enabling and securing the client's organization with the cognitive solutions that are making IBM the fastest growing enterprise security business in the world.Your Role and ResponsibilitiesThe DevSecOps Security Engineer will support dynamic and static analysis (DAST and SAST) of code for multiple applications using Fortify and work across technical teams to support the remediation of findings. The DevSecOps Security Engineer will support a large team of infrastructure, security, and application teams during the migration of on-prem and cloud applications to the client Azure Government enclave. The security engineer will configure, operate, and maintain Security Code Scanning tools (Fortify). The engineer will provide support for security assessment and authorization/ATO process, and security audits.Required Technical and Professional ExpertiseExperience configuring, deploying, maintaining, and optimizing security code scanning tools (Fortify on Demand (FOD))Experience running Dynamic and Static Application Security Testing (SAST)Experience with reviewing and analyzing code scanning results and working with developers and other teams to remediate findingsManage integration of FOD with the CI/CD pipelineExperience supporting secure DevSecOps practicesExperience with the software build processPerform Cyber Supply Chain Risk Management (C-SCRM) activities to include configuring, deploying and maintaining SCRM tool (Mend) and analyze reports.Support Security Assessment and Authorization / ATO processCertified in industry recognized areas such as CISSP, CEH, CISA, or CISM or equivalentAbility to obtain and maintain a Federal security clearancePreferred Technical and Professional ExpertiseExperience coordinating across security, IT operations, audit, and development groups to achieve security outcomesSecurity certification in one or more cloud environments (Azure, AWS, Google...)Familiarity with NISTAbout IBM Consulting is IBM's consulting and global professional services business, with market leading capabilities in business and technology transformation. With deep expertise in many industries, we offer strategy, experience, technology, and operations services to many of the most innovative and valuable companies in the world. Our people are focused on accelerating our clients' businesses through the power of collaboration.Location Statement IBM offers a competitive and comprehensive benefits program. Eligible employees may have access to healthcare benefits including medical & prescription drug coverage, dental, vision, and mental health & well-being. Financial programs such as 401(k), cash balance pension plan, the IBM Employee Stock Purchase Plan, financial counseling, life insurance, short & long-term disability coverage, and opportunities for performance-based salary incentive programs. Generous paid time off including 12 holidays, minimum 56 hours sick time, 120 hours vacation, 12 weeks parental bonding leave in accordance with IBM Policy, and other Paid Care Leave programs. IBM also offers paid family leave benefits to eligible employees where required by applicable law.Being You @ IBM IBM is committed to creating a diverse environment and is proud to be an equal-opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, gender, gender identity or expression, sexual orientation, national origin, caste, genetics, pregnancy, disability, neurodivergence, age, veteran status, or other characteristics. IBM is also committed to compliance with all fair employment practices regarding citizenship and immigration status.
#J-18808-Ljbffr
IntroductionInformation and Data are some of the most important organizational assets in today's businesses. As a Security Consultant, you will be a key advisor for IBM's clients, analyzing business requirements to design and implement the best security solutions for their needs. You will apply your technical skills to find the balance between enabling and securing the client's organization with the cognitive solutions that are making IBM the fastest growing enterprise security business in the world.Your Role and ResponsibilitiesThe DevSecOps Security Engineer will support dynamic and static analysis (DAST and SAST) of code for multiple applications using Fortify and work across technical teams to support the remediation of findings. The DevSecOps Security Engineer will support a large team of infrastructure, security, and application teams during the migration of on-prem and cloud applications to the client Azure Government enclave. The security engineer will configure, operate, and maintain Security Code Scanning tools (Fortify). The engineer will provide support for security assessment and authorization/ATO process, and security audits.Required Technical and Professional ExpertiseExperience configuring, deploying, maintaining, and optimizing security code scanning tools (Fortify on Demand (FOD))Experience running Dynamic and Static Application Security Testing (SAST)Experience with reviewing and analyzing code scanning results and working with developers and other teams to remediate findingsManage integration of FOD with the CI/CD pipelineExperience supporting secure DevSecOps practicesExperience with the software build processPerform Cyber Supply Chain Risk Management (C-SCRM) activities to include configuring, deploying and maintaining SCRM tool (Mend) and analyze reports.Support Security Assessment and Authorization / ATO processCertified in industry recognized areas such as CISSP, CEH, CISA, or CISM or equivalentAbility to obtain and maintain a Federal security clearancePreferred Technical and Professional ExpertiseExperience coordinating across security, IT operations, audit, and development groups to achieve security outcomesSecurity certification in one or more cloud environments (Azure, AWS, Google...)Familiarity with NISTAbout IBM Consulting is IBM's consulting and global professional services business, with market leading capabilities in business and technology transformation. With deep expertise in many industries, we offer strategy, experience, technology, and operations services to many of the most innovative and valuable companies in the world. Our people are focused on accelerating our clients' businesses through the power of collaboration.Location Statement IBM offers a competitive and comprehensive benefits program. Eligible employees may have access to healthcare benefits including medical & prescription drug coverage, dental, vision, and mental health & well-being. Financial programs such as 401(k), cash balance pension plan, the IBM Employee Stock Purchase Plan, financial counseling, life insurance, short & long-term disability coverage, and opportunities for performance-based salary incentive programs. Generous paid time off including 12 holidays, minimum 56 hours sick time, 120 hours vacation, 12 weeks parental bonding leave in accordance with IBM Policy, and other Paid Care Leave programs. IBM also offers paid family leave benefits to eligible employees where required by applicable law.Being You @ IBM IBM is committed to creating a diverse environment and is proud to be an equal-opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, gender, gender identity or expression, sexual orientation, national origin, caste, genetics, pregnancy, disability, neurodivergence, age, veteran status, or other characteristics. IBM is also committed to compliance with all fair employment practices regarding citizenship and immigration status.
#J-18808-Ljbffr