Secure Code Sr. Analyst
Internship Distrito Federal, MEXICO Sales
Job description
The Secure Code Analyst is responsible for analyzing software vulnerabilities, as well as recommending possible remediation steps. The analyst works to identify and provide remediation guidance of vulnerabilities within software applications and systems, using a variety of tools to enhance our clients' security posture.
Main Responsibilities:
· Support managing activities of secure code testing program.
· Provide support over the application security program of clients.
· Code scanning and assessment – SAST mainly (Manual/Automated/DAST).
· Validate and comment false positive reports from Development teams.
· Conduct the review of software applications and systems from a security and privacy perspective.
· Follow Client's IT Standards used in the security review process and provide security recommendations regarding secure software development.
Required Expertise
· At least 2-4 years of IT experience.
· Knowledge of security concepts, threat, threat modeling, vulnerability exploitation, and common website and application vulnerabilities including but not limited to, SQL Injection, Cross-site scripting (XSS) and Session
· Management.
· A holistic understanding of attack vectors, current threats, and remediation strategies.
· Knowledge in security frameworks (OWASP, ISO27001, NIST, etc).
· Intermediate English level.
Required qualifications
· ITIL v3
Preferred qualifications
· CSSLP
· CISSP
· CISM
· CEH
Validate and comment false positive reports from Development teams.
Conduct the review of software applications and systems from a security and
privacy perspective.
Follow Client's IT Standards used in the security review process and provide
security recommendations regarding secure software development.
Required Expertise
At least 2-4 years of IT experience.
Knowledge of security concepts, threat, threat modeling, vulnerability
exploitation, and common website and application vulnerabilities including
but not limited to, SQL Injection, Cross-site scripting (XSS) and Session
Management.
A holistic understanding of attack vectors, current threats, and remediation
strategies.
Knowledge in security frameworks (OWASP, ISO27001, NIST, etc).
Intermediate English level.
Required qualifications
ITIL v3
Preferred qualifications
CSSLP
CISSP
CISM
CEH
Auto req ID
353557BR
Required Education
Bachelor's Degree
Role ( Job Role )
Security Consultant
State / Province
DISTRITO FEDERAL
Primary job category
Consultant
Company
(0389) IBM de Mexico, S. de R.L.
Contract type
Regular
Employment Type
Full-Time
Is this role a commissionable/sales incentive based position?
No
Travel Required
No Travel
IBM Business Group
C&CS
Preferred Education
Bachelor's Degree
City / Township / Village
Mexico City
Being You @ IBM
IBM is committed to creating a diverse environment and is proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, pregnancy, disability, age, veteran status, or other characteristics. IBM is also committed to compliance with all fair employment practices regarding citizenship and immigration status.
Required Technical and Professional Expertise
Main Responsibilities:
· Support managing activities of secure code testing program.
· Provide support over the application security program of clients.
· Code scanning and assessment – SAST mainly (Manual/Automated/DAST).
· Validate and comment false positive reports from Development teams.
· Conduct the review of software applications and systems from a security and privacy perspective.
· Follow Client's IT Standards used in the security review process and provide security recommendations regarding secure software development.
Country/Region
Mexico
Preferred Technical and Professional Experience
Required Expertise
· At least 2-4 years of IT experience.
· Knowledge of security concepts, threat, threat modeling, vulnerability exploitation, and common website and application vulnerabilities including but not limited to, SQL Injection, Cross-site scripting (XSS) and Session
· Management.
· A holistic understanding of attack vectors, current threats, and remediation strategies.
· Knowledge in security frameworks (OWASP, ISO27001, NIST, etc).
· Intermediate English level.
Required qualifications
· ITIL v3
Preferred qualifications
· CSSLP
· CISSP
· CISM
· CEH
Secondary Job Category
Other Consultant
Position Type
Professional
Early Professional Track
Not Applicable - Professional Hire
Location Statement
For additional information about location requirements, please discuss with the recruiter following submission of your application.
Introduction
Information and Data are some of the most important organizational assets in today's businesses. As a Security Consultant, you will be a key advisor for IBM's clients, analyzing business requirements to design and implement the best security solutions for their needs. You will apply your technical skills to find the balance between enabling and securing the client's organization with the cognitive solutions that are making IBM the fastest growing enterprise security business in the world.
Your Life @ IBM
What matters to you when you're looking for your next career challenge?
Maybe you want to get involved in work that really changes the world? What about somewhere with incredible and diverse career and development opportunities – where you can truly discover your passion? Are you looking for a culture of openness, collaboration and trust – where everyone has a voice? What about all of these? If so, then IBM could be your next career challenge. Join us, not to do something better, but to attempt things you never thought possible.
Impact. Inclusion. Infinite Experiences. Do your best work ever.
About Business Unit
IBM's Cloud and Cognitive software business is committed to bringing the power of IBM's Cloud and Watson/AI technologies to life for our clients and ecosystem partners around the world. IBM provides you with the most comprehensive and consistent approach to development, security and operations across hybrid environments—with complete software solutions for business and IT operations, development, data science, security, and management. Our experts and software capabilities help organizations develop applications once and deploy them anywhere, integrate security across the breadth of their IT estate, and automate operations with management visibility. With IBM, you also have access to new skills and methods, governance and management approaches, and a deep ecosystem of industry experts and partners.
About IBM
IBM's greatest invention is the IBMer. We believe that progress is made through progressive thinking, progressive leadership, progressive policy and progressive action. IBMers believe that the application of intelligence, reason and science can improve business, society and the human condition. Restlessly reinventing since 1911, we are the largest technology and consulting employer in the world, with more than 380,000 IBMers serving clients in 170 countries.