Security Specialist

Job description

Chief Information Security Office is working with the IBM Business Units on the identification, inventory and security controls for Source Code within IBM that is classified as Crown Jewels. New team within IBM's Chief Information Office IT Risk (CISO) organization focused on working to help execute security within the Business Units.

Job Duties:
·  Performing application vulnerability assessments
·  Perform Code Migration to secure repository
·  Other security-related projects that may be assigned according to skills Minimum Requirements:
·  Experience with code repositories and code migration
·  Experience with code scanning toolsets such as Fortify and AppScan
·  Knowledge of OWASP tools and methodologies
·  Understanding of HTTP and web programming
·  Knowledge of common security requirements within ASP.NET application
·  Knowledge of standard SDLC practices
·  Minimum of 1-3 years' work experience in application security
·  Minimum of 2-4 years of IT or software development experience Demonstrated Experience:
·  Experience working in software development
·  Experience with Application Inventory Systems
·  Experience with vulnerability scanning tools (e.g., Qualys, Nessus, Nexpose, Saint)
·  Experience with web application vulnerability scanning tools (e.g., IBM AppScan, HP Webinspect, Accunetix, NTO Spider, Burpsuite Pro)
·  Experience with static analysis tools (e.g., IBM Appscan Source, HP Fortify)

Auto req ID

70100BR
Country

United States
Required Education

Non-Degree Program
Role ( Job Role )

Security Specialist
State / Province

ILLINOIS
Primary job category

IT Specialist
Contract type

Regular
Employment Type

Full-Time
Is this role a commissionable/sales incentive based position?

No
Travel Required

Up to 50% or 3 days a week (home on weekends - based on project requirements)
IBM Business Group

T&O
Preferred Education

Master's Degree
City / Township / Village

SCHAUMBURG
EO Statement

IBM is committed to creating a diverse environment and is proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, or veteran status. IBM is also committed to compliance with all fair employment practices regarding citizenship and immigration status.
Required Technical and Professional Expertise

·  Minimum of 1-3 years' work experience in application security
·  Minimum of 2-4 years of IT or software development experience
Skill-keywords

Application Security, Application Security Code Assessment including static and dynamic code analysis, Secure Code Repositories as such as Github, Agile Development and Dev/Ops Delivery methodology
Country

United States
Preferred Technical and Professional Experience

·  Ability to present findings to technical staff
·  Possess current security certifications (e.g., CISSP, CEH, etc)
Secondary Job Category

Technical Solutions Support Specialist
Eligibility Requirements

·  Minimum of 2-4 years work experience in application security
·  Minimum of 3-6 years of IT or software development experience
New Collar Role

Yes