IBM Computing
Overview
The CISO Cybersecurity Operations Platform (CSOP) team is looking to add an engineer to the Analytics and Data Exploitation team. The Platform provides the technology, services and expertise required by IBM’s Cyber Threat Detection and Response teams. We support the Advanced Threat Detection (threat hunting, intelligence, incident response), Vulnerability Detection and Response, Remediation, Security Operations Center and Command Center teams to deliver enterprise-wide security to one of the world’s most established technology companies. We process tens of billions of events per day, meaning effective analysis and data exploitation practices are critical to our success.

This is a technical position within the Analytics and Data Exploitation team, which employs commercial, open source and in-house developed tools to deliver critical cybersecurity services such as event processing, automation, complex analytics and support to digital investigations. The Platform team operates across development, test, pre-production and production networks to create, maintain and improve services, including fault-finding and the ability to work within complex, dynamic environments. The right candidate thrives in high-pressure situations and has practical experience with Big Data technologies (such as Spark, Hadoop and Elasticsearch). The role requires practical knowledge of container orchestration technologies — specifically Kubernetes and Red Hat OpenShift. The work will include design and optimization of container-deployed systems, as well as day-to-day engineering and administration of the orchestration environment. This includes cluster management, Pod assignment/configuration, application virtual routing, security, container image registry management and runtime optimization. Wider knowledge of data ingestion, extraction, transformation and loading technologies is important — including StreamSets and Flink.
The role is rounded out by some software development tasks related to cybersecurity, involving Java, SQL, Python and automation scripting; experience with DevSecOps methods is highly advantageous. The Platform team employs hybrid cloud hosting and this includes provisioning, administration and management of services within IBM Cloud, Amazon Web Services and Microsoft Azure.

About the Team
The CSOP team is looking to add an Email Security Engineer. The CSOP provides the technology, services and expertise required by IBM’s Cyber Threat Detection and Response teams. We support the Advanced Threat Detection (threat hunting, intelligence, incident response), Vulnerability Detection and Response, Remediation, Security Operations Center and Command Center teams to deliver enterprise-wide security to one of the world’s most established technology companies.

Your role and responsibilities
Job Duties:
- Contribute to the day-to-day work that supports our critical cybersecurity analysis and data processing workflows
- Protect the organization against phishing, spoofing, malware, and advanced threats while maintaining user experience and compliance
- Familiarity with Exchange, Proofpoint Email Solutions, PowerShell, Azure, and the M365 suite
- Design, implement and maintain secure email solutions within the Microsoft 365 tenant and related services
- Monitor and respond to email-related security incidents, phishing attempts, and compromise events
- Support the team leadership to improve overall exploitation of technologies that best serve our requirements
- Partner with CIO and CISO teams to develop email security policies, rules, and playbooks
- Work as part of a deeply technical, passionate team of engineers to tackle significant IT challenges

Required technical and professional expertise
- 3 or more years’ experience in an email security engineer or similar role
- Experience with Microsoft 365 Exchange or Proofpoint email solutions
- Hands-on experience with SPF, DKIM, and DMARC configuration and rollout at an enterprise level
- Experience with (or a proven aptitude for) working within a fast-paced environment where the success criteria are defined by external factors. This includes having to change course quickly, based on the evolving needs of a complex and dynamic environment
- Strong experience with incident response processes for phishing and email-based threats
- Experience with IBM Cloud, AWS, Azure or similar cloud environments
- Strong understanding of email protocols (SMTP, IMAP, POP3) and security controls
- Familiarity with SIEM tools for monitoring and automation on email threats
- Excellent problem-solving, communication, and documentation skills

Preferred technical and professional experience
- Experience with secure email gateways (Proofpoint, M365, etc.)
- Microsoft certification
- Knowledge of zero trust frameworks and modern authentication methods (MFA, conditional access)
- Familiarity with cloud-native security tools (Sentinel, Defender, XDR)
- Understanding of email encryption solutions (TLS, S/MIME, PGP)
- Experience in large enterprise environments with hybrid Microsoft Exchange deployments
- Ansible experience is a strong advantage

IBM is committed to creating a diverse environment and is proud to be an equal-opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, gender, gender identity or expression, sexual orientation, national origin, caste, genetics, pregnancy, disability, neurodivergence, age, veteran status, or other characteristics. IBM is also committed to compliance with all fair employment practices regarding citizenship and immigration status.