Detalle de la Oferta

Descripción de la Oferta

Introducción

As an Application Security Consultant, the candidate will be a key advisor for IBM's clients, analysing business requirements to design and implement the best security solutions for their needs. They need to apply the technical skills to find the balance between enabling and securing the client's organization with the cognitive solutions that are making IBM the fastest growing enterprise security business in the world.

In this role, you'll work in one of our IBM Consulting Client Innovation Centers (Delivery Centers), where we deliver deep technical and industry expertise to a wide range of public and private sector clients around the world. Our delivery centers offer our clients locally based skills and technical expertise to drive innovation and adoption of new technology.

Su función y responsabilidades

- Help integrate a DevSecOps strategy and security toolchain as part of a Secure SDLC.

- Guidance on securing application migrations between on-prem and cloud.

- Administration and maintenance of the DevSecOps toolchain

- With the support of automation and DevSecOps, mandate security scanning of code changes, container images through CI/CD pipelines on every release and support development team on remediation of security assessment findings.

- Threat modelling for the significant changes on the applications to ensure Secure by Design approach is followed.

- Support periodic compliance activities and application risk assessments.

- Creating awareness and advocating security best practices on the context of application technology.

Remediation support and guidance to developers on fixing the issues.

Educación requerida

Licenciatura

Educación preferida

Maestría

Experiencia profesional y técnica requerida

- Minimum 4+ years of experience in IT Industry

- Proficient in Secure coding best practices and OWASP TOP 10 vulnerabilities

- Experience in: SAST, DAST, SCA, Container Security scanning, IaC security scanning, Secret scanning, Vulnerability Management and CI/CD Pipelines.

- Must be adept in "Secure By Design" Principles

- Experience in security requirements analysis for application

- Experience in security requirement implementation recommendations & guidance

- Prior experience in Threat Modelling, Application Security Test planning & coordination

- Experience in Application risk mitigation planning, Vulnerabilities remediation recommendation & guidance, Compliance & Metrics reporting

- Validated knowledge of Threat Risk Assessment, Application Risk classification, Security Architecture gap assessment and secure SDLC process definition and tooling

- Exposure to DevSecOps - Security integration in CI/CD pipeline - design, implementation

- Demonstrated ability with On-prem / Cloud migration controls review and implementation

Experiencia técnica y profesional preferida

- Practical experience in DevOps environments

- Experience in software development methodologies

- CISSP - Certified Information Systems Security Professional

Acerca de la Unidad de Negocios

IBM Consulting es la unidad de negocio encargada de la consultoría y servicios profesionales globales de IBM, con capacidades líderes en el mercado en transformación empresarial y tecnológica. Con una gran experiencia en diversas industrias, ofreciendo servicios de estrategia, experiencia, tecnología y operaciones a muchas de las empresas más innovadoras y valiosas del mundo. IBMers en Cosnulting se enfocan en acelerar los negocios de nuestros clientes a través del poder de la colaboración. Creemos en el poder de la tecnología utilizada de manera responsable para ayudar a las personas, los socios y el planeta.

SU VIDA @ IBM

In a world where technology never stands still, we understand that, dedication to our clients success, innovation that matters, and trust and personal responsibility in all our relationships, lives in what we do as IBMers as we strive to be the catalyst that makes the world work better

Educación Superior