内容へスキップ
はじめに

A career in IBM Software means you'll be part of a team that transforms our customer's challenges into industry-leading solutions. We are an infinitely curious team, always seeking new possibilities, and dedicated to creating the world's leading AI-powered, cloud-native software solutions. Our renowned legacy creates endless global opportunities for our network of IBMers. We are a team of deep product experts, ensuring exceptional client experiences, with a focus on delivery, excellence, and obsession over customer outcomes. This position involves contributing to HashiCorp's offerings, now part of IBM, which empower organizations to automate and secure multi-cloud and hybrid environments. You will join a team managing the lifecycle of infrastructure and security, enhancing IBM's cloud solutions to ensure enterprises achieve efficiency, security, and scalability in their cloud journey.

役割と責任

About HashiCorp, an IBM Company

 

 

HashiCorp addresses development, operations, and security challenges within infrastructure, enabling organizations to concentrate on core business initiatives. Millions of users leverage our open source software for provisioning, securing, connecting, and running infrastructure across diverse applications. The Global 2000 utilizes our enterprise software to expedite application delivery and foster innovation through software solutions.

 

 

We are seeking a Security Manager, Vulnerability Management & Compliance Automation to strengthen and scale our security program. This role will focus on improving how we identify, assess, and remediate vulnerabilities across our cloud and self-managed product suite — while driving automation and integration of compliance processes across our platforms and pipelines. You will work closely with engineering, product management, IT, and compliance stakeholders to embed security and compliance as a continuous, automated part of development and operations.

 

 

This role is ideal for a technically proficient leader who thrives in a remote-first, high-autonomy environment and is passionate about building secure, scalable systems.

 

 

In this role, your responsibilities will include:

 

 

  • Lead and expand the vulnerability management and compliance automation programs across HashiCorp’s products and infrastructure.

  • Oversee the end-to-end lifecycle of product vulnerabilities - from discovery and triage to remediation and reporting. Ensuring timely identification, triage, and remediation across multiple environments - including CI/CD pipelines, runtime infrastructure, and third-party dependencies.

  • Design and implement automated compliance controls and reporting mechanisms integrated into CI/CD pipelines and cloud infrastructure that align with frameworks such as SOC 2, ISO 27001, PCI and FedRAMP. 

  • Partner with engineering, product, and infrastructure teams to embed security into development workflows and prioritize security-related features and fixes.

  • Build and mentor a team of high-performing security engineers, providing technical guidance, career development, and performance feedback.

  • Collaborate with product and infrastructure teams to prioritize remediation work, track progress, and raise risk and impacts effectively.

  • Monitor and respond to emerging threats and vulnerabilities, driving rapid mitigation strategies and long-term improvements.

  • Develop metrics and dashboards to measure the health and maturity of vulnerability management and compliance programs.

  • Serve as a subject matter expert on vulnerability management, compliance automation, and secure development practices.

  • Contribute to strategic planning and roadmap development for vulnerability management  initiatives, with a focus on automation, scalability, and measurable impact.

  • Lead the design and deployment of security tools and integrations that support vulnerability scanning, compliance checks, and secure development practices.

  • Assess and communicate risk posture to stakeholders, providing clear visibility into vulnerabilities, mitigations, and compliance status.

必要とされる学歴
学士号
望ましい学歴
修士号
必要な専門的および技術的知識

  • 6+ years of experience in product or application security, with a focus on vulnerability management and compliance.

  • Demonstrated success building or scaling a vulnerability management or compliance automation program in a cloud-native environment.

  • Proven leadership and team management experience.

  • Strong understanding of cloud-native architectures (AWS, GCP, Azure) and containerized environments (Kubernetes, Nomad, Docker).

  • Experience integrating security and compliance tools into CI/CD pipelines (e.g., GitHub Actions, Jenkins, GitLab CI).

  • Familiarity with security scanning tools and services (SCA, SAST, DAST, CSPM, IaC scanning, etc.) and how to operationalize their results.

  • Excellent communication and stakeholder engagement skills.

  • Deep understanding of vulnerability lifecycle management, from discovery to remediation and verification.

  • Experience automating compliance evidence collection and control validation against industry frameworks (SOC 2, PCI, FedRAMP, etc.).

  • Strong leadership, communication, and stakeholder management skills — able to balance technical detail with business context.

  • Ability to prioritize and manage multiple projects, leading with data-driven decision-making and risk-based prioritization.

 
歓迎する専門的および技術的経験

  • Familiarity with HashiCorp/IBM products and services

事業部門について

IBMソフトウェアは、機械学習から生成AIまで、中核ビジネス運営にインテリジェンスを組み込み、組織がより即応的、生産的、およびレジリエントになれるように支援します。 IBMソフトウェアは、お客様がAIを今すぐ活用して、デジタルレイバー、IT自動化、アプリケーションのモダナイゼーション、セキュリティー、サステナビリティーにわたり、信頼性とスピードを兼ね備えた上で確信の持てる、真の価値を創造できるように支援します。 AIの有効性は、その基となるデータの有効性と同等になるため、ここで重要となるのは、すべてのデータを活用可能にすることです。 ほとんどの組織では、データが複数のクラウド、オンプレミス、プライベート・データセンター、エッジに分散しています。 IBMのAIおよびデータのプラットフォームは、信頼できるデータでAIの効果を拡張および加速し、ビジネス全体にAIのトレーニング、調整、導入を行うための先進の機能を提供します。 IBMのハイブリッドクラウド・プラットフォームは、ハイブリッド環境全体で開発、セキュリティー、運用を行うための最も包括的で一貫性のあるアプローチのひとつです。柔軟なファウンデーションとして、データを場所を問わず活用できるようにするため、AIを拡張してビジネスに深く浸透させることが可能になります。

あなたの人生 @ IBM

In a world where technology never stands still, we understand that, dedication to our clients success, innovation that matters, and trust and personal responsibility in all our relationships, lives in what we do as IBMers as we strive to be the catalyst that makes the world work better.

Being an IBMer means you’ll be able to learn and develop yourself and your career, you’ll be encouraged to be courageous and experiment everyday, all whilst having continuous trust and support in an environment where everyone can thrive whatever their personal or professional background.

 

Our IBMers are growth minded, always staying curious, open to feedback and learning new information and skills to constantly transform themselves and our company. They are trusted to provide on-going feedback to help other IBMers grow, as well as collaborate with colleagues keeping in mind a team focused approach to include different perspectives to drive exceptional outcomes for our customers. The courage our IBMers have to make critical decisions everyday is essential to IBM becoming the catalyst for progress, always embracing challenges with resources they have to hand, a can-do attitude and always striving for an outcome focused approach within everything that they do.

 

Are you ready to be an IBMer?

IBM について

IBM’s greatest invention is the IBMer. We believe that through the application of intelligence, reason and science, we can improve business, society and the human condition, bringing the power of an open hybrid cloud and AI strategy to life for our clients and partners around the world.

 

Restlessly reinventing since 1911, we are not only one of the largest corporate organizations in the world, we’re also one of the biggest technology and consulting employers, with many of the Fortune 500 companies relying on the IBM Cloud to run their business. 

 

At IBM, we pride ourselves on being an early adopter of artificial intelligence, quantum computing and blockchain. Now it’s time for you to join us on our journey to being a responsible technology innovator and a force for good in the world.

IBM is proud to be an equal-opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, gender, gender identity or expression, sexual orientation, national origin, genetics, pregnancy, disability, neurodivergence, age, or other characteristics protected by the applicable law. IBM is also committed to compliance with all fair employment practices regarding citizenship and immigration status.

その他の関連する職務の詳細

When applying to jobs of your interest, we recommend that you do so for those that match your experience and expertise. Our recruiters advise that you apply to not more than 3 roles in a year for the best candidate experience. For additional information about location requirements, please discuss with the recruiter following submission of your application.