Your Role and Responsibilities- Design, develop and implement database security features and tools to provide a secure environment for the product to be used by customers in the cloud.
- Interpreting standards, requirements, and their application to the enterprise Cloud environment in the most reasonable and cost-effective manner.
- Evaluate new technologies and processes that enhance security capabilities. Conducting regularly scheduled audits on systems and hosting third-party audits as required in order to maintain certifications and compliance certificates.
- Define, implement and maintain security policies related to various compliance.
- Evaluate various authentication, authorization and encryption solutions and collaborate on developing and implementing them to make the Db2 Warehouse product more secure, and accessible.
- Continuously perform vulnerability scanning, risk analysis and security assessments to detect any product vulnerabilities and develop and implement intrusion detection controls to prevent any intrusions into our systems.
- Work with customers to help them resolve their product issues and security related problems or queries. Help IBM sales and support teams by providing the proper answers about the service’s capabilities and security features.
Required Technical and Professional Expertise
- Overall 5+ years of IT Industry experience.
- 2 years’ experience with security compliances such as SOC2, FedRAMP, IRAP, HIPAA, PCI, HITRUST
- Experience developing product pipelines to optimize the process of deploying Software as a Service (SaaS) within large-scale, cloud-based infrastructure.
- Natural drive and proven ability automating various complex parallel tasks.
- 5 years’ experience with:
- At least one programming language (Java, C/C++, C#, Go, JavaScript)
- Scripting languages (Ruby, Python, PERL, Shell)
- Configuration management (Ansible, UrbanCode Deploy)
- SQL databases, key-stores and other data-structure solutions (Db2, PostgreSQL)
- Virtualization and Container orchestration (Xen, Docker, Kubernetes)
Preferred Technical and Professional Expertise
- Monitoring and logging tools (QRadar, New Relic)
- Continuous Integration platforms (Jenkins, Travis CI)
- Network Appliances – Firewalls and Load Balancing
- Single sign-on solutions and the Security Assertion Markup Language (SAML) 2.0 standard
- Source and project control (GitHub Enterprise, ZenHub)
- Virtual application and web servers (Apache, NGINX, WebSphere, IIS)