IBM Security Engineer - DevSecOps 

United States, District of Columbia, Washington 

394575188

• 5+ years experience supporting secure DevSecOps practices using FORTIFY 5+ years experience running Dynamic and Static Application Security Testing (SAST)
• 5+ years experience working with of source version control, build/release tools and methodologies
• 5+ years experience with CI/CD pipelines
• 5+ years experience with the software build process
• 5+ years experience supporting backups and disaster recovery
• 5+ years experience maintaining access control and the integrity of data throughout the platform 5+ years experience designing, developing, evaluating and modifying systems and systems-oriented products.
• 5+ years experience configuring, deploying and maintaining and optimizing securiy code scanning tools (Fortify)
• Work with the deveopment and infrastucture teams to remdiate findings
• Perform Cyber Supply Chain Risk Management (C-SCRM) activities to include configuring, deploying and maintaining SCRM tool (Mend) and analyze reports.
• Support Security Assessment and Authorization / ATO process
• Bachelors Degree and a minimum 5 years experience. Additional years of experience maybe accepted in lieu of the degree.
• Ability to acquire a Public Trust Background investigation
• Certified in industry recognized areas such as CISSP, CISA, or CISM
• Familiarity with NIST 800-53, FISMA, FedRAMP

Preferred Technical and Professional Expertise

• Excellent organization, collaboration, project management, and team leadership skills
• Strong communication skills and experience creating and delivering compliance status and metrics briefings to senior leadership
• 2+ years experience executing security compliance in multi-cloud or DevSecOps environments
• 2+ years experience coordinating across security, IT operations, audit, and development groups to achieve security outcomes
• Security certification in one or more cloud environments (Azure, AWS, Google…)