Przesuń w lewo lub prawo,
aby przejść do następnej lub poprzedniej oferty pracy

Security Architect – Risk Advisor for Security Testing

IBM Global Services Delivery Centre Polska Sp. z.o.o.

Wrocław

64 dni temu

Security Architect – Risk Advisor for Security Testing
Miejsce pracy: Wrocław
Nr ref.: 177781BR
Job Description

 

IBM Security is looking for Security Architect – Risk Advisor for Security Testing which is with the IBM Security business unit-level Chief Information Security Officer (CISO) organization. As part of the larger risk management mission, the primary focus of this role is to define and manage proactive security testing and reporting of metrics on identification and remediation of vulnerabilities for both product and infrastructure related vulnerabilities. The successful candidate must possess sufficient technical and operational security expertise to serve as a subject matter expert (SME) in security testing and implementing mitigation or remediation steps for identified vulnerabilities. The Risk Advisor for Security Testing must be able to work independently in a fast-paced business environment and able to balance ad hoc requests on emerging threats/vulnerabilities with daily routine work.

 

Assigned duties include, but are not limited to:
  • Advise IBM Security business unit technical teams on cybersecurity vulnerabilities and emerging threats
  • Define and execute IBM Security BU-wide vulnerability testing program in partnership with existing security testing teams and tools that may include testing web applications, internal networks, wireless networks, mobile applications, thick-client applications, embedded applications, hardware, etc.
  • Partner with IBM Security Services delivery and infrastructure leadership, product engineering and development teams, and IBM Security CISO to identify appropriate mitigating security controls, remediation plans and improvements based on identified vulnerabilities
  • Collaborate with the Security Risk Validation team on their testing of security controls across IBM Security BU to identify any unremediated vulnerabilities
  • Collect and document periodic dashboard reporting and metrics demonstrating the vulnerability posture of the organization to executive management
  • Document security testing processes and program activities to ensure a high quality, repeatable program
  • Stay current on changes to technology, emerging security threats, internal IBM policy and standards, relevant regulatory requirements, and evaluate potential impacts on identified risks and security controls as well as suggest modifications to the BU risk management program
Required Skills & Experience:
  • 5+ years of direct information security operations experience, preferably roles within penetration testing (red team/blue team testing), threat management and/or incident response teams
  • 3+ years direct experience implementing and operating security testing tools such as Nessus and leveraging OWASP Top 10, SANS Top 20 Critical Security Controls, NIST Vulnerability Database (NVD) and CVE scoring within security testing programs
  • 3+ years experience managing computing environments in compliance with Corporate IT Security and other regulatory/standards requirements
  • 3+ years of demonstrated leadership and project management abilities
  • Proactive learning and awareness of emerging cybersecurity threats and mitigating technologies
  • Strong communication, technical writing and presentation skills with experience editing technical documents for technical accuracy, clarity and business impact
  • Strong analytical skills with ability to manipulate reporting metrics in to meaningful observations
  • Ability to work independently as well as part of a larger team to drive completion of tasks within a fast-paced, dynamic, global team
  • Bachelors degree in Management Information Systems, Computer Science or related field
  • Fluency in English
Preferred Skills & Experience:
  • 5+ years of direct information security operations experience, preferably roles within penetration testing, threat management and/or incident response teams
  • 3+ years experience managing computing environments in compliance with IBM Corporate IT Security requirements
  • 1+ years experience writing information security policy, process, and procedure documents
  • Prior experience in defining security testing programs and performing security control assessments on systems to validate the results of vulnerability testing and penetration testing type assessments
  • Prior experience as part of a software or SaaS engineering and development team
  • Prior experience auditing source code for security vulnerabilities
  • Prior experience with Agile design and project management methodologies
  • Certifications: SANS: CEH, GWAPT or OSCE, OSWE, OSCP or (ISC)2 - CISSP
Additional benefits
  • Work for the best Security Company in Europe (SC winner 2016) and The Best Mobile Security Solution with IBM MaaS360 2016 SC Magazine Europe Awards
  • Trainings and certifications
  • Private medical package and insurance package
  • Multisport Card
  • Working on international projects in multicultural teams
  • Good to be an IBMer discounts
  • Cinema & trips for IBMers
  • Language classes
  • Summer camps for children

Poznaj

IBM Global Services Delivery Centre Polska Sp. z.o.o.

IBM GSDC Poland in Wroclaw has been operating since 2010. From that forwards, our Centre has developed in an amazing pace launching new services covering hardware and software solutions used by our clients headquartered in the whole Europe. Currently we are looking for candidates at the position of:

Poznaj stanowisko: Security Engineer

Security Engineer to stanowisko, na którym pracownik jest odpowiedzialny za bezpieczeństwo funkcjonujących w danej firmie czy instytucji sieci zawierające ważne z jej punktu widzenia dane. W razie potrzeby reaguje na występujące zagrożenia i przeciwdziała ewentualnym skutkom awarii czy włamania. Regularnie przeprowadza audyty bezpieczeństwa istniejących aplikacji czy serwisów i kontroluje czy działają one zgodnie ...
Security Engineer Praca Security Engineer

Szukaj pracy według:

Dolnośląskie:
Wrocław (805)
Wałbrzych (48)
Legnica (117)
Kujawsko-pomorskie:
Bydgoszcz (201)
Toruń (119)
Lubelskie:
Lublin (219)
Chełm (37)
Lubuskie:
Łódzkie:
Małopolskie:
Kraków (898)
Tarnów (54)
Nowy Sącz (43)
Mazowieckie:
Warszawa (2019)
Radom (151)
Płock (38)
Opolskie:
Opole (156)
Nysa (64)
Podkarpackie:
Rzeszów (165)
Przemyśl (30)
Podlaskie:
Białystok (121)
Suwałki (43)
Łomża (18)
Pomorskie:
Gdańsk (430)
Gdynia (176)
Słupsk (55)
Śląskie:
Katowice (489)
Częstochowa (149)
Świętokrzyskie:
Warmińsko-mazurskie:
Olsztyn (123)
Elbląg (92)
Ełk (36)
Wielkopolskie:
Poznań (548)
Kalisz (56)
Konin (33)
Zachodniopomorskie:
Szczecin (308)
Koszalin (68)
Kołobrzeg (33)
Auchan (138)
Tesco (127)
Inditex (41)
OBI (2)
PKP (1)
STRABAG (4)
ABB (93)
Accenture (223)
Carrefour (119)
PKO BP (313)
KPMG (38)
Orange (24)
IKEA (16)
Budimex (28)

Rekrutują z Praca.pl