Security Engineer - DevSecOps

IBM - Washington, DC

posted 28 days ago

Part-time - Mid Level
Washington, DC
Computer and Electronic Product Manufacturing

About the position

The Security Engineer - DevSecOps at IBM is responsible for analyzing business requirements and implementing security solutions for clients. This role involves supporting dynamic and static analysis of code, working with various technical teams during the migration of applications to the Azure Government enclave, and maintaining security code scanning tools. The engineer will also assist in security assessments and audits, ensuring the integrity and security of data across platforms.

Responsibilities

  • Support dynamic and static analysis (DAST and SAST) of code for multiple applications using Fortify.
  • Work across technical teams to support the remediation of findings.
  • Configure, operate, and maintain Security Code Scanning tools (Fortify).
  • Provide support for security assessment and authorization/ATO process and security audits.
  • Perform Cyber Supply Chain Risk Management (C-SCRM) activities, including configuring and maintaining SCRM tools.

Requirements

  • 5+ years experience supporting secure DevSecOps practices using FORTIFY.
  • 5+ years experience running Dynamic and Static Application Security Testing (SAST).
  • 5+ years experience with source version control, build/release tools and methodologies.
  • 5+ years experience with CI/CD pipelines.
  • 5+ years experience with the software build process.
  • 5+ years experience supporting backups and disaster recovery.
  • 5+ years experience maintaining access control and the integrity of data throughout the platform.
  • 5+ years experience designing, developing, evaluating and modifying systems and systems-oriented products.
  • 5+ years experience configuring, deploying and maintaining security code scanning tools (Fortify).
  • Certified in industry recognized areas such as CISSP, CISA, or CISM.

Nice-to-haves

  • Excellent organization, collaboration, project management, and team leadership skills.
  • Strong communication skills and experience creating and delivering compliance status and metrics briefings to senior leadership.
  • 2+ years experience executing security compliance in multi-cloud or DevSecOps environments.
  • 2+ years experience coordinating across security, IT operations, audit, and development groups to achieve security outcomes.
  • Security certification in one or more cloud environments (Azure, AWS, Google...).
  • Familiarity with NIST.

Benefits

  • Healthcare benefits including medical & prescription drug coverage, dental, vision, and mental health & well being.
  • Financial programs such as 401(k), the IBM Employee Stock Purchase Plan, financial counseling, life insurance, short & long-term disability coverage, and opportunities for performance-based salary incentive programs.
  • Generous paid time off including 12 holidays, minimum 56 hours sick time, 120 hours vacation, 12 weeks parental bonding leave, and other Paid Care Leave programs.
  • Training and educational resources on a personalized, AI-driven learning platform for skill growth and certifications.
  • Diverse and inclusive employee resource groups, giving & volunteer opportunities, and discounts on retail products, services & experiences.

Tools

Career Hubs

Guides

Company

© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service