Cybersecurity Remediation Engineer
IBM · Atlanta, GA · 3 wk ago
HybridInformation TechnologyFull-time
Role Overview
The CISO Remediation Team at IBM Infrastructure & Technology is seeking a Cybersecurity Remediation Engineer to join their dynamic Cyber Defense organization. This role focuses on resolving security risks across the IBM enterprise, collaborating with various teams to enhance security practices.
Key Duties
- Support containment, recovery, and post-incident remediation by identifying root causes and implementing technical fixes.
- Partner with product, engineering, and infrastructure teams to embed security within existing practices.
- Conduct security and risk assessments of applications, platforms, and infrastructure, including threat modeling and targeted technical reviews.
- Apply security principles to protect systems and data, ensuring availability, authentication, authorization, confidentiality, and integrity.
- Create technical documentation outlining remediation guidance and security best practices.
- Develop or implement tools to support detection, prevention, and analysis of security threats.
Required Technical and Professional Expertise
- Ability to work independently or as part of a team in ambiguous, fast-moving environments.
- Strong problem-solving skills with attention to detail and a proactive mindset.
- Strong interpersonal and communication skills with the ability to work effectively across engineering, security, and business teams; and explain technical remediation steps to non-technical stakeholders.
- Ability to collaborate effectively and, with experience, influence remediation outcomes across federated teams.
- Experience conducting security reviews and translating findings into actionable engineering guidance.
- Experience applying and maintaining secure configurations across systems, networks, or applications.
- Ability to leverage AI tools to accelerate triage, remediation recommendations, and incident response, with appropriate human review and judgement.
- Knowledge of vulnerability management, common attack patterns, and mitigation techniques (e.g., OWASP Top 10, MITRE ATT&CK).
Preferred Technical and Professional Experience
- ~4-8 years of experience in security engineering or adjacent engineering roles (e.g., networking, infrastructure, cloud, or application development).
- Experience supporting incident response or post-incident remediation.
- Experience with cloud platforms, CI/CD pipelines, containerization, and Kubernetes.
- Experience using automation and AI to reduce mean time to remediation (MTTR).
- Fundamental understanding of cybersecurity frameworks and regulations and how they inform risk-based remediation decisions (e.g., NIST CSF, NIST 800-series, ISO 27001, PCI).
- Certifications are a plus but not required; hands-on experience is valued most (e.g., CISSP, CISM, OSCP, SANS, cloud security certifications).