At IBM, work is more than a job – it’s a calling: To build. To design. To code. To consult. To think along with clients and sell. To make markets. To invent. To collaborate. Not just to do something better, but to attempt things you’ve never thought possible. Are you ready to lead in this new era of technology and solve some of the world’s most challenging problems? If so, lets talk.

Your Role and Responsibilities
We are looking for an energetic Cybersecurity Vulnerability Analyst to join the IBM Product Security Incident Response Team (PSIRT). Success in this role requires experience in Security Operations, Product Security, Product Security Incident Response (PSIRT), Risk Management and or Information Systems.

The candidate will work across the entire organization, with everyone from product developers to executives. The candidate is responsible for monitoring the end-to-end remediation lifecycle of reported security vulnerabilities to IBM. This includes the receipt of all incidents from internal teams, customers and external researchers, leads the tracking of resolution and identifies the appropriate disclosure functions to ensure the security of IBM clients and users in a timely manner. The work is fast paced, diverse, and has executive level visibility.

As a PSIRT Vulnerability Analyst, responsibilities include:

• Coordinate external and internal product security incidents as well as reported security issues affecting IBM products, applications, websites and secrets
• Work cross-functionally with all IBM business units, vulnerability management teams, development teams and asset owners, internal product security team members, customer support, legal and external security researchers to ensure timely resolution of security incidents and events.
• Establish and sustain incident communications through resolution and reporting
• Participate in and / or leading regular standup, Agile intake, and project planning meetings
• Identify areas of continuous improvement of the product security incident response tools and processes while maintaining all current procedures, including all required supporting artifacts.

• 1+ years of IT experience that encompasses a spectrum of typical IT roles (e.g. infrastructure, applications, strategy, operations, etc) or relevant college coursework
• Familiarity with current trends and developments in cloud (SaaS, PaaS, and IaaS), information security, and data privacy
• Practical knowledge of a wide variety of technologies, platforms and functional areas, including experience with cloud technologies and deployment models (e.g. containers, platform services, software defined networking, API security, credential management, encryption, etc)
• Basic knowledge of common Cyber Security and industry standards with common security controls
• Ability to communicate business needs to technical people, and to communicate and simplify complex technical information for non-technical people
• Fluent in English

Technical and Professional Expertise

• Certified in Cloud (e.g. Cloud+), Security (e.g. CISSP), or Privacy (e.g. CIPP/CIPT)
• PMI certification and/or IBM Agile Achiever badge