内容へスキップ
はじめに

Application Security Engineers play a critical role in protecting applications from vulnerabilities and attacks, ensuring the confidentiality, integrity, and availability of sensitive data. Their responsibilities span across the entire software development lifecycle, requiring a blend of technical skills, security expertise, and interpersonal abilities.

In this role, you'll work in one of our IBM Consulting Client Innovation Centers (Delivery Centers), where we deliver deep technical and industry expertise to a wide range of public and private sector clients around the world. Our delivery centers offer our clients locally based skills and technical expertise to drive innovation and adoption of new technology.

役割と責任

  1. Secure Software Development: Work closely with developers to incorporate security into the software development lifecycle (SDLC), promoting secure coding practices and conducting code reviews.

  2. Vulnerability Assessment: Regularly perform vulnerability assessments and penetration testing to identify weaknesses in applications and suggest improvements.

  3. Threat Modeling: Develop and maintain threat models to anticipate potential security threats and design appropriate countermeasures.

  4. Security Tool Implementation: Select, deploy, and manage security tools for static and dynamic application security testing (SAST and DAST), such as Fortify, SonarQube, or OWASP ZAP.

  5. Security Compliance: Ensure that applications meet relevant security standards and regulations, like OWASP Top Ten, HIPAA, or GDPR.

  6. Security Training and Awareness: Design and deliver training programs to educate developers and other stakeholders on secure coding practices and application security best practices.

  7. Incident Response: Participate in responding to application security incidents, working with the broader security team to contain, mitigate, and recover from breaches.

  8. Security Documentation: Maintain accurate and up-to-date security documentation, including security requirements, design specifications, and testing results.

  9. Collaboration: Work closely with development, QA, and other IT teams to integrate security considerations into all stages of application development and deployment.

  10. Research and Development: Stay current with new security threats, vulnerabilities, and mitigation techniques, and evaluate emerging security technologies for potential application.

  11. Risk Management: Identify, analyze, and prioritize application security risks, and propose appropriate risk mitigation strategies.

  12. Third-Party Security: Evaluate and oversee the security of third-party libraries, components, and services used in applications.

  13. Policy Development: Contribute to the development and maintenance of organizational application security policies and procedures.

  14. Continuous Improvement: Regularly review and refine application security practices, tools, and processes to maintain effectiveness and efficiency.

  15. Professional Certifications: Pursuit of relevant professional certifications, like Certified Information Systems Security Professional (CISSP), Certified Software Security Engineer (CSSLP), or Offensive Security Certified Professional (OSCP), can enhance expertise and credibility.

必要とされる学歴
学士号
望ましい学歴
修士号
必要な専門的および技術的知識
  • Architecture / Solution Reviews
  • Threat Modelling
  • Access Model / PAM Reviews
  • System Configuration Reviews
  • ITPF Conformance Assessment
  • Secure Coding Practices
  • Web Interface or API Security Review
  • SAST / DAST Scans
  • Pentest
  • IaC Scanning
  • Secrets Scanning
  • Logging and Monitoring Review
  • BR and DR Assessment

事業部門について

IBMコンサルティング事業本部は、お客様のビジネスや業界のトランスフォーメーションをご支援してきた実績を持つコンサルティングサービスやシステム構築等のサービスビジネスをご提供する事業部です。 私たちは、様々な業界に対する深い洞察、知見を活用し、イノベーションや価値をもたらすべく、戦略の立案や顧客体験の向上、テクノロジーの活用やオペレーションの改善を数多くのお客様にご提案、ご提供してきました。 現在、全世界で14万人を超えるコンサルタントやテクノロジーの専門家が、卓越したスキルや熱意を持って日々お客様に寄り添い、ビジネス上の難しい課題の解決に共に取り組んでいます。 私たちは、テクノロジーの力を信じています。そして人類や地球のために、責任を持ってテクノロジーを活用していきます。

あなたの人生 @ IBM

In a world where technology never stands still, we understand that, dedication to our clients success, innovation that matters, and trust and personal responsibility in all our relationships, lives in what we do as IBMers as we strive to be the catalyst that makes the world work better.

Being an IBMer means you’ll be able to learn and develop yourself and your career, you’ll be encouraged to be courageous and experiment everyday, all whilst having continuous trust and support in an environment where everyone can thrive whatever their personal or professional background.

 

Our IBMers are growth minded, always staying curious, open to feedback and learning new information and skills to constantly transform themselves and our company. They are trusted to provide on-going feedback to help other IBMers grow, as well as collaborate with colleagues keeping in mind a team focused approach to include different perspectives to drive exceptional outcomes for our customers. The courage our IBMers have to make critical decisions everyday is essential to IBM becoming the catalyst for progress, always embracing challenges with resources they have to hand, a can-do attitude and always striving for an outcome focused approach within everything that they do.

 

Are you ready to be an IBMer?

IBM について

IBM’s greatest invention is the IBMer. We believe that through the application of intelligence, reason and science, we can improve business, society and the human condition, bringing the power of an open hybrid cloud and AI strategy to life for our clients and partners around the world.


Restlessly reinventing since 1911, we are not only one of the largest corporate organizations in the world, we’re also one of the biggest technology and consulting employers, with many of the Fortune 500 companies relying on the IBM Cloud to run their business. 


At IBM, we pride ourselves on being an early adopter of artificial intelligence, quantum computing and blockchain. Now it’s time for you to join us on our journey to being a responsible technology innovator and a force for good in the world.

IBM is proud to be an equal-opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, gender, gender identity or expression, sexual orientation, national origin, genetics, pregnancy, disability, neurodivergence, age, or other characteristics protected by the applicable law. IBM is also committed to compliance with all fair employment practices regarding citizenship and immigration status.

その他の関連する職務の詳細

IBM wants you to bring your whole self to work and for you this might mean the ability to work flexibly. If you are interested in a flexible working pattern, please talk to our recruitment team to find out if this is possible in the current working environment.