IT Security Specialist Lead - (CISSP, CEH)

  • Company: IBM
  • Location: Schaumburg, Illinois
  • Posted: December 13, 2017
  • Reference ID: 118979BR
CISO is working with the IBM Business Unit BISOs on the identification, inventory and security controls for Source Code within IBM that is classified as Crown Jewels.  New team within IBM CIO IT Risk (CISO) organization focused on working with the BISOs to help execute security within the BUs.

Job Duties:
  • Performing application vulnerability assessments
  • Perform Code Migration to secure repository
  • Other security-related projects that may be assigned according to skills
Minimum Requirements:
  • Experience with code repositories and code migration
  • Experience with code scanning toolsets such as Fortify and AppScan
  • Knowledge of OWASP tools and methodologies
  • Understanding of HTTP and web programming
  • Knowledge of common security requirements within ASP.NET application
  • Knowledge of standard SDLC practices
  • Minimum of 2-4 years of IT or software development experience

Demonstrated experience in:
  • Experience working in software development
  • Experience with Application Inventory Systems
  • Experience with vulnerability scanning tools (e.g., Qualys, Nessus, Nexpose, Saint)
  • Experience with web application vulnerability scanning tools (e.g., IBM AppScan, HP Webinspect, Accunetix, NTO Spider, Burpsuite Pro)
  • Experience with static analysis tools (e.g., IBM Appscan Source, HP Fortify)
Preferred Requirements:
  • Ability to present findings to technical staff
  • Possess current security certifications (e.g., CISSP, CEH, etc)
  • Peers within the Security domain as well as  other CIO domains (systems, networks, cloud, etc) and business unit security teams
  • Vendor sales and technical support teams
  • Senior Management / Executive stakeholders within CIO and business unit security teams
No remote opportunities exist
Must have the ability to work in the US without current/future need for IBM sponsorship


Share this Job