#736931BR
ent and compliance,
Depending on the area of work, the Security Architect may perform evaluation and selection of the components, design of hardware, software, process and service components of the solution, assurance of deployment architectures, and guide secure engineering practices in development.
Utilizes knowledge of the product/deliverable/process and client usage to pinpoint opportunities for enhancement Identifies issues, potential underlying causes, and proposes opportunities for enhancement Independently devises and solutions innovative solutions leveraging analytical skills and business acumen to create value propositions Generates and leverages intellectual assets to advance digital self-service goals
Responsibilities:
Review and assess IBM Data & AI services, and applications as per defined by the IBM's Security and Privacy by Design (SPbD) framework.
Identify security design gaps in existing and proposed architectures and recommend changes or enhancements.
Lead the efforts to streamline the security processes and tooling through the active participation in "Design Thinking" sessions for process and tooling changes and enhancements.
Engage, collaborate, and build trusted relationships with product managers, developers, and other security engineers.
Develop guidance and enablement material to produce secure software, services and applications that align with IBM's commitments to customers and IBM's IT Security Standards.
Advise, Design, implement enterprise-class secure software/services.
Align company standards, industry regulations, frameworks and security with overall business and technology strategy.
Identify and communicate current and emerging security threats.
Design security architecture elements to mitigate threats as they emerge.
Assess risk and develop mitigation and remediation plans for security findings in services and applications
Required Technical and Professional Expertise
Minimum 8+ Years of professional experience in Software Domain
Business Awareness: You have an understanding about the business that you are trying to secure. For example, working knowledge of cloud technologies, the ability to describe what the security concerns and impact might be for an organization looking to move from on-premises compute to public cloud.
Distributed Systems / Software Design: understand the compromises that teams make every day to make things work. Security Architect should have strong influence towards secure implementation and development.
Threats, Risks, and Modeling: know the difference between a threat and risk. The ability to understand what organizations need to protect, who they need to protect it from, and how that protection should work.
Vulnerabilities and Exploitation: the ability to discern between a weakness, flaw, or error found within a system, software, host, etc. which have the potential to be leveraged by an attacker to compromise a network, application, an infrastructure, etc.
Collaboration: being personable, approachable, and empathetic are extremely valuable qualities as a Security Architect. The Security Architect role requires a lot of cooperation and engagement within the organization that they support.
5 or more years of experience as an Engineer or Architect (Software, Solutions, Network, Security, etc.,)
Experience with Incident Response / Operations or addressing breaches, incidents.
Experience with forensic analysis - strong critical thinking and analytical skills.
Understanding of current software (on-premises), cloud technologies and Software-as-a-Service (SaaS) concepts.
Experience developing software and writing code
Preferred Technical and Professional Expertise
At least two (2) years' experience in the following: