Introduction

A career in IBM Software means you’ll be part of a team that transforms our customer’s challenges into solutions.

Seeking new possibilities and always staying curious, we are a team dedicated to creating the world’s leading AI-powered, cloud-native software solutions for our customers. Our renowned legacy creates endless global opportunities for our IBMers, so the door is always open for those who want to grow their career.

IBM’s product and technology landscape includes Research, Software, and Infrastructure. Entering this domain positions you at the heart of IBM, where growth and innovation thrive.

This role is an opportunity to join an expanding team based across multiple geographies, to lead the effort to ensure continued security compliance and certification for On-Prem and CloudPak, products within IBM Data Core Products. The specific products that the successful applicant will be responsible for are IBM Enterprise Content Manager, IBM Content Navigator and IBM Daeja ViewONE

Your Role And Responsibilities

As the Software Security Architect, you will be responsible for ensuring security compliance and certification for On-Prem and CloudPak for 3 products: IBM Enterprise Content Manager, IBM Content Navigator and IBM Daeja ViewONE.

You will collaborate with the SaaS Security Focal on areas of overlap to maximise efficiency.

Work with relevant development teams/leads to ensure that all requirement of the Secure Release Tool are met and that SPbD review and approval process is completed annually.

Work with development teams/leads to ensure that Residual Finding Analysis (RFA) is completed and approved by BISO prior to product release.

Ensure that required scanning (Static, Dynamic and Container) is being executed on time and built into release schedules.

Understand vulnerabilities and advise on remediations and mitigations.

Respond appropriately and promptly to customer queries/questionnaires and collaborate with SMEs as required

Participate and contribute to Security Focal Interlock calls to receive training, share best practices, and receive feedback.

Keep abreast of changes in the wider security landscape – Security bulletins, new vulnerabilities, new hardening techniques etc

Look for opportunities to streamline and automate processes

Preferred Education

None

Required Technical And Professional Expertise

The job will be located in Dublin and will entail collaboration across global teams. It will also require collaboration with customers (internal and external) so strong verbal and written communication skills are important.

A deep understanding of the SDLC with at least 7 years experience of working in a Software Development/SaaS/Security agile environment

Subject matter expertise in all aspects of IT and Software Security.

Knowledge and understanding of IBMs Security Standard (ITSS) or a similar standard based on ISO27K or NIST 800-53.

Understanding of Secure Release Tool (SRT) and Security and Privacy by Design (SPbD)

Be familiar with Static (Mend, Sonarqube), Dynamic (OWASP Zap) and Container (Twistlock, Aqua) scanning and management of vulnerabilities

Be familiar with Industry Specific Security Standards eg HIPPA, PCI, FBA, GDPR etc

Be familiar with the PSIRT Framework

Be familiar with the following SaaS Security Management tools: Qradar, Tenable, EDR

Have an understanding of DevOps, DevSecOps, Build Processes, Automation (CI/CD) and SRE

Have an understanding of Cloud Infrastructure, Virtual Machines, Containerisation, Networking and Network Segmentation.

Expertise across Operating Systems (Linux, Windows, AIX) and MiddleWare (Database, LDAP etc)

Be familiar with tools related to Software development eg JIRA, GitHub, Jenkins, SPS etc

Have a track record as Development Manager, QA lead, Development lead, Scrum Master or Security Architect

Preferred Technical And Professional Experience

Expertise in programming Java, Python or other

Expertise in SSO and High Availablity/Disaster Recovery environments