Skip to content
Introduction

Application Security Engineers play a critical role in protecting applications from vulnerabilities and attacks, ensuring the confidentiality, integrity, and availability of sensitive data. Their responsibilities span across the entire software development lifecycle, requiring a blend of technical skills, security expertise, and interpersonal abilities.

In this role, you'll work in one of our IBM Consulting Client Innovation Centers (Delivery Centers), where we deliver deep technical and industry expertise to a wide range of public and private sector clients around the world. Our delivery centers offer our clients locally based skills and technical expertise to drive innovation and adoption of new technology.

Your role and responsibilities

  1. Secure Software Development: Work closely with developers to incorporate security into the software development lifecycle (SDLC), promoting secure coding practices and conducting code reviews.

  2. Vulnerability Assessment: Regularly perform vulnerability assessments and penetration testing to identify weaknesses in applications and suggest improvements.

  3. Threat Modeling: Develop and maintain threat models to anticipate potential security threats and design appropriate countermeasures.

  4. Security Tool Implementation: Select, deploy, and manage security tools for static and dynamic application security testing (SAST and DAST), such as Fortify, SonarQube, or OWASP ZAP.

  5. Security Compliance: Ensure that applications meet relevant security standards and regulations, like OWASP Top Ten, HIPAA, or GDPR.

  6. Security Training and Awareness: Design and deliver training programs to educate developers and other stakeholders on secure coding practices and application security best practices.

  7. Incident Response: Participate in responding to application security incidents, working with the broader security team to contain, mitigate, and recover from breaches.

  8. Security Documentation: Maintain accurate and up-to-date security documentation, including security requirements, design specifications, and testing results.

  9. Collaboration: Work closely with development, QA, and other IT teams to integrate security considerations into all stages of application development and deployment.

  10. Research and Development: Stay current with new security threats, vulnerabilities, and mitigation techniques, and evaluate emerging security technologies for potential application.

  11. Risk Management: Identify, analyze, and prioritize application security risks, and propose appropriate risk mitigation strategies.

  12. Third-Party Security: Evaluate and oversee the security of third-party libraries, components, and services used in applications.

  13. Policy Development: Contribute to the development and maintenance of organizational application security policies and procedures.

  14. Continuous Improvement: Regularly review and refine application security practices, tools, and processes to maintain effectiveness and efficiency.

  15. Professional Certifications: Pursuit of relevant professional certifications, like Certified Information Systems Security Professional (CISSP), Certified Software Security Engineer (CSSLP), or Offensive Security Certified Professional (OSCP), can enhance expertise and credibility.

Required education
Bachelor's Degree
Preferred education
Master's Degree
Required technical and professional expertise
  • Architecture / Solution Reviews
  • Threat Modelling
  • Access Model / PAM Reviews
  • System Configuration Reviews
  • ITPF Conformance Assessment
  • Secure Coding Practices
  • Web Interface or API Security Review
  • SAST / DAST Scans
  • Pentest
  • IaC Scanning
  • Secrets Scanning
  • Logging and Monitoring Review
  • BR and DR Assessment

ABOUT BUSINESS UNIT

IBM Consulting is IBM’s consulting and global professional services business, with market leading capabilities in business and technology transformation. With deep expertise in many industries, we offer strategy, experience, technology, and operations services to many of the most innovative and valuable companies in the world. Our people are focused on accelerating our clients’ businesses through the power of collaboration. We believe in the power of technology responsibly used to help people, partners and the planet.

YOUR LIFE @ IBM

In a world where technology never stands still, we understand that, dedication to our clients success, innovation that matters, and trust and personal responsibility in all our relationships, lives in what we do as IBMers as we strive to be the catalyst that makes the world work better.

Being an IBMer means you’ll be able to learn and develop yourself and your career, you’ll be encouraged to be courageous and experiment everyday, all whilst having continuous trust and support in an environment where everyone can thrive whatever their personal or professional background.

 

Our IBMers are growth minded, always staying curious, open to feedback and learning new information and skills to constantly transform themselves and our company. They are trusted to provide on-going feedback to help other IBMers grow, as well as collaborate with colleagues keeping in mind a team focused approach to include different perspectives to drive exceptional outcomes for our customers. The courage our IBMers have to make critical decisions everyday is essential to IBM becoming the catalyst for progress, always embracing challenges with resources they have to hand, a can-do attitude and always striving for an outcome focused approach within everything that they do.

 

Are you ready to be an IBMer?

ABOUT IBM

IBM’s greatest invention is the IBMer. We believe that through the application of intelligence, reason and science, we can improve business, society and the human condition, bringing the power of an open hybrid cloud and AI strategy to life for our clients and partners around the world.


Restlessly reinventing since 1911, we are not only one of the largest corporate organizations in the world, we’re also one of the biggest technology and consulting employers, with many of the Fortune 500 companies relying on the IBM Cloud to run their business. 


At IBM, we pride ourselves on being an early adopter of artificial intelligence, quantum computing and blockchain. Now it’s time for you to join us on our journey to being a responsible technology innovator and a force for good in the world.

IBM is proud to be an equal-opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, gender, gender identity or expression, sexual orientation, national origin, genetics, pregnancy, disability, neurodivergence, age, or other characteristics protected by the applicable law. IBM is also committed to compliance with all fair employment practices regarding citizenship and immigration status.

OTHER RELEVANT JOB DETAILS

IBM wants you to bring your whole self to work and for you this might mean the ability to work flexibly. If you are interested in a flexible working pattern, please talk to our recruitment team to find out if this is possible in the current working environment.