IBM is an IT technology and consulting firm providing computer hardware, software, infrastructure, and hosting services. They are seeking a Security Consultant to identify and assess application security requirements, develop security policies, and implement security tools to enhance application security posture.
Identify application security by design requirements and objectives based on an application profile, business context and applicable data security regulations.
Perform application security risk assessments and provide recommendations towards the implementation of application security controls to secure applications.
Develop policies and procedures to meet organizational application security requirements.
Perform assessments of the architecture to secure application development approach and strengthen the application security architecture and posture by providing countermeasures to improve application security posture and to reduce cyber risk at scale.
Analyze applications for potential threats and attack vectors by conducting workshops to document and understand security architecture, attack surface, trust boundaries, and data flows.
Implement and configure security tools such as IriusRisk and SD Elements to identify security requirements for the adoption of secure development practices to manage and sustain compliance across the organization.
Work on projects related to Application Security, Threat Modeling and DevSecOps.
Define and document an end-to-end secure software development life cycle (Secure-SDLC) to categorize and define essential security controls and countermeasures for clients.
Assist client to define and document security controls protocols based on business requirements.
Develop Threat Models that enumerate cybersecurity threats by attack surface; document and verify the existing security mitigations and identify if additional mitigations are required.
Master’s degree or equivalent in Computer Science, Engineering, Information Technology or related (employer will accept a Bachelor's degree plus five (5) years of progressive experience in lieu of a Master’s degree)
one (1) year of experience as a Security Specialist, Application Security Consultant, Security Analyst or related
One (1) year of experience must include utilizing DevSecOps, Threat Modeling, Security Requirement Management, Vulnerability Assessment and Remediation, SD Elements, IriusRisk
Preferred
Benefits
IBM is an IT technology and consulting firm providing computer hardware, software, infrastructure, and hosting services.
Glassdoor
4.1
Founded in 1911
Armonk, New York, USA
10001+ employees
http://www.ibm.com
IBM is an IT technology and consulting firm providing computer hardware, software, infrastructure, and hosting services.
