In this role, you’ll work in one of our IBM Consulting Client Innovation Centers (Delivery Centers), where we deliver deep technical and industry expertise to a wide range of public and private sector clients around the world. Our delivery centers offer our clients locally based skills and technical expertise to drive innovation and adoption of new technology.
Required Technical and Professional Expertise- Perform architecture security reviews and provide defense in depth controls and consulting on securing SaaS, PaaS, or IaaS cloud services.
- Collaborate with other Security Architects on design, develop, research, and implement security architectures and process enhancements – Working knowledge of information security controls, guidelines, and standards (e.g., ISO27000 series, OWASP, CSA CCM, CIS 20 Critical Security Controls, SOC 2, and NIST).
- Technical expertise throughout the software development lifecycle including design, implementation, and delivery (DevOps processes in a Cloud environment). Professional experience with modern technologies such as public and hybrid cloud (IBM, AWS, GCP, Azure, etc.), containerization and orchestration (Kubernetes), & microservice architectures.
- Security Architecture: Design and develop security architectures for complex systems, ensuring they meet security requirements and standards.
- Solution Design: Collaborate with project teams to integrate security controls into the overall solution architecture during the design phase.
- Security Guidance: OUer expert advice and guidance on security best practices, emerging threats, and security tools.
- Security Documentation: Create and maintain security architecture documentation, including diagrams, policies, standards, and procedures.
- Incident Response: Participate in incident response activities, providing expertise in analyzing security incidents and implementing response measures.
- Technology Evaluation: Evaluate new and emerging security technologies and products, making recommendations for their adoption based on organizational needs.
- Compliance and Governance: Ensure solutions comply with relevant regulatory and legal requirements, as well as internal security policies and standards.