DevSecOps Engineer

IBM X Force
London (Greater)
09 Dec 2018
31 Dec 2018
Contract Type
Full Time

ob Description

Do you believe the future of security is cloud? The IBM Cloud Security Competency Team (CloudSec) does.
We are a gender neutral, Cloud agnostic team with a varied background of Sciences, Technology, Engineering and the Arts. We believe this mix makes us more creative, improves our work with clients and the outcomes we achieve. We also believe diversity breeds a better culture and we value different attitudes and opinions whilst expecting:

  • Dedication;
  • Support;
  • Trust;
  • Respect;
  • Consideration.

Our new team is made up of four domains:

  • Security Strategy;
  • Information Assurance;
  • Security Architecture;
  • DevSecOps.

Your part in our team will align to one domain initially, working with the domain lead, and you will get the support to collaborate with other areas to grow your CloudSec expertise across all domains.
You will fill one of these roles:

  • Cloud Security Strategy Consultant;
  • Cloud Security Information Assurance Consultant;
  • Cloud Security Architect;
  • DevSecOps Engineer.

Are you passionate about keeping current and open to new ideas?
To develop knowledge areas, along with the cooperative nature of the team, you are provided access to a CloudSec team portal wich details education for new starters and career development. You will also have access to the global IBM education portal which you are also encouraged to explore as we believe that education and development should not be exclusively security based. Making time to think and explore leads us to develop new ideas and to be better able to help our clients.
You will be encouraged to constantly learn and improve by visiting industry events and workshops such as:

  • IPExpo;
  • IN Security;
  • AWS Summit;
  • Google Next;
  • DevSecOps Days;
  • DecSecCon;
  • BSides;
  • CloudSec;
  • Microsoft Ignite;
  • Online Capture the Flag (CTF) events.

The CloudSec competency team looks for colleagues who value the opportunity to be educated at events and like to give back by talking to other attendees, guest speaking and hosting breakout sessions; you're a teacher as well as a student. It shows you care.
Do you want to be one of us?Technical and non-technical CloudSec roles are available for all levels of education and experience, or career changers. You will work within a band, based on experience, and we have a number of positions available across a range of bands; if you are in a lower band you take part in education and support given by team members at higher bands so that you develop your skills.
We'd like you to be in the UK but we are not tied down to any one location - colleagues are based from Newcastle to Devon so we work remotely and rely on online collaboration tools such as:

  • WhatsApp?;
  • WebEx;
  • WebEx Teams;
  • GitHub;
  • Box;
  • Office365;
  • Mural;
  • Text messaging;
  • Old school phone calls.

Face to face team meetings take place at least once a quarter between London, Manchester and beyond.
Client work is assigned across the UK. The expectation of team members is that they will travel and stay away from home to support clients on site. This can be up to 4 nights away per week but is usually negotiable and tends to be less, with home working making up a lot of your time.
Your role will be a mix of consultancy, design and delivery. You might:

  • Consider, understand and document client requirements;
  • Engage with other teams in security and the wider IBM, to put a value proposition to clients and help win new business;
  • Deliver agreed pieces of work either as team lead or as part of a team.

On a day to day basis your role in the team could entail anything from the below and more…:

  • Giving cloud security maturity assessments against recognized frameworks, write reports which give strategic advice and compile and implement remedial action plans;
  • Putting together security policies and procedures and implement these in the cloud environment;
  • Leading and/or taking part in security audit activities;
  • Drawing up and implementing technical cloud security solutions including integrating cloud components with security enforcing functions;
  • Writing security as code and integrating with DevOps;
  • Researching new cloud native, IBM, partner and 3rd party security software security components and understanding how to integrate into our CloudSec solutions.

Your previous roles might include, have been equivalent to or worked closely with any of the below:

  • Information Security;
  • Risk and Compliance;
  • Business Strategy;
  • Product Owner;
  • Software Engineer/Architect;
  • DevOps Engineer/Architect;
  • Infrastructure Engineer/Architect;
  • Security Engineer/Architect.

This list indicates the skills we look for in our new joiners; equivalent experience, self education and personal interest is also very valuable to us:

  • Science, Technology, Engineering, Arts or Life Sciences University Degree;
  • Cloud Security Alliance Certification;
  • AWS Certification;
  • Azure Certification;
  • Google Cloud Certification;
  • ISC2 Certification;
  • ISACA Certification;
  • Agile Certification.

Similar jobs

Similar jobs