Cloud Vulnerability Analyst

Heredia, Heredia, CR

Full Time
IBM logo
IBM
Apply now Apply later

Posted 4 weeks ago


Introduction
At IBM, work is more than a job - it's a calling: To build. To design. To code. To consult. To think along with clients and sell. To make markets. To invent. To collaborate. Not just to do something better, but to attempt things you've never thought possible. Are you ready to lead in this new era of technology and solve some of the world's most challenging problems? If so, lets talk.


Your Role and Responsibilities
IBM Cloud Vulnerability Analysts are responsible for identifying, reporting and tracking system vulnerabilities, benchmark hardening parameters, deviations, and evidence within multiple cloud infrastructure environments. Examples of daily tasks include:
  • Confirmation and monitoring of scanning tools
  • Assessment and analysis data collected from scans
  • Tracking and reporting discovered vulnerabilities and remediation efforts
  • Sourcing and tracking of public and pre-embargoed vulnerability disclosure sources.
  • Analysis and reporting of all applicable publicly disclosed zero-day vulnerabilities.
  • Coordination with system owners to identify and remediate scan problems
  • Coordination with system owners to provide requested details about scan findings, scan methodologies, and remediation recommendations
  • Collaboration with Security Engineering to develop and tune automation flows wherever possible
  • Assisting Program Managers with reporting and continuous motion on remediation efforts



Required Technical and Professional Expertise
2+ years of information security experience or relevant system administration
Experience with risk management, vulnerability management, threat analysis, security auditing, security monitoring, incident response, and other information security practices preferred
Excellent English: written and oral
Capability to maintain highly detailed documentation and ticketing
Awareness of security standards (CIS, DISA-STIGS, etc)
Proficient with both Windows and Linux operating systems
Knowledge of two or more programming languages (Bash, Python, Go, Java, JavaScript, PHP, etc.)
Knowledge of compliance programs (HIPAA, GDPR, SOC, ISO, PCI, NIST, etc.)
Experience with:
Ticketing (JIRA, ServiceNow, Remedy, etc.)
DAST/SAST (IBM AppScan, SonarQube, etc.)
Vulnerability & Baseline (Qualys, Tenable Security Center, etc)
Security/privacy specific training/certification



Preferred Technical and Professional Expertise
Experience with Docker, Kubernetes, OpenShift, etc.
Experience with:
SIEM (QRadar, Splunk, Nitro, etc.)
SOAR (Resilient, Demisto, ServiceNOW, etc.)
EDR (VmWare React, FireEye, CrowdStrike, etc.)
Application Control (VmWare App Control, CylanceProtect, Quualys WAS, etc)
Other: Demisto, TruSTAR, Jenkins, Ansible Tower, Travis, etc.




About Business Unit
Digitization is accelerating the ongoing evolution of business, and clouds - public, private, and hybrid - enable companies to extend their existing infrastructure and integrate across systems. IBM Cloud provides the security, control, and visibility that our clients have come to expect. We are working to provide the right tools and environment to combine all of our client’s data, no matter where it resides, to respond to changing market dynamics.


Your Life @ IBM
What matters to you when you’re looking for your next career challenge?

Maybe you want to get involved in work that really changes the world? What about somewhere with incredible and diverse career and development opportunities – where you can truly discover your passion? Are you looking for a culture of openness, collaboration and trust – where everyone has a voice? What about all of these? If so, then IBM could be your next career challenge. Join us, not to do something better, but to attempt things you never thought possible.

Impact. Inclusion. Infinite Experiences. Do your best work ever.


About IBM
IBM’s greatest invention is the IBMer. We believe that progress is made through progressive thinking, progressive leadership, progressive policy and progressive action. IBMers believe that the application of intelligence, reason and science can improve business, society and the human condition. Restlessly reinventing since 1911, we are the largest technology and consulting employer in the world, with more than 380,000 IBMers serving clients in 170 countries.


Location Statement
For additional information about location requirements, please discuss with the recruiter following submission of your application.


Being You @ IBM
IBM is committed to creating a diverse environment and is proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, pregnancy, disability, age, veteran status, or other characteristics. IBM is also committed to compliance with all fair employment practices regarding citizenship and immigration status.






Job tags: Auditing Automation Docker GDPR Go Incident response Java JavaScript Kubernetes Linux NIST PCI PHP Python Qualys SIEM Splunk Vulnerabilities Vulnerability management Windows
Job region(s): North America
Share this job: