IBM Cloud Object Storage DevOps Engineer

Required Technical and Professional Expertise

• 5+ years of demonstrated experience in successful driving and execution of compliance programs for common IT security standards/regulations: SOC1/2/3, ISO27K, HIPAA, PCI, FBA (formerly FFIEC), FedRAMP, GDPR, etc.
• 5+ years of working experience with designing/building cloud software and infrastructure.
• Expert knowledge of all layers of the OSI model, most importantly the network (layer 3) and application (layer 7).
• Domain expertise in cloud software and infrastructure technologies.
• Strong knowledge and understanding in penetration testing methodologies and exploits (web applications, containers, APIs, network devices, databases, operating systems, and various cloud technologies).
• Strong knowledge and understanding of offensive cybersecurity operations and defensive integrations, including enumeration and exploitation of various cloud-based technologies and development of secure applications.
• Strong ability to communicate highly technical aspects to Executives, IT staffs, CISO team, auditors, respectively.
• Strong experience with various scripting languages (Python, Ruby, Bash, etc.).
• Familiarity with serverless services, containerization and other cloud technologies.
• Strong familiarity with OWASP Top Ten, NIST, CIS and MITRE ATT&CK
• 5+ years of demonstrating experience in system or application administration role(s).

Preferred Technical and Professional Expertise

• 7+ years of demonstrated experience in successful driving and execution of compliance programs for common IT security standards/regulations: SOC1/2/3, ISO27K, HIPAA, PCI, FBA (formerly FFIEC), FedRAMP, GDPR, etc.
• 7+ years of working experience with designing/building cloud software and infrastructure.
• Expert knowledge of all layers of the OSI model, most importantly the network (layer 3) and application (layer 7).
• Domain expertise in cloud software and infrastructure technologies.
• Expert knowledge and understanding in penetration testing methodologies and exploits (web applications, containers, APIs, network devices, databases, operating systems, and various cloud technologies).
• Expert knowledge and understanding of offensive cybersecurity operations and defensive integrations, including enumeration and exploitation of various cloud-based technologies and development of secure applications.
• Expert ability to communicate highly technical aspects to Executives, IT staffs, CISO team, auditors, respectively.
• Expert experience with various scripting languages (Python, Ruby, Bash, etc.).
• Deep understanding and implementation with serverless services, containerization and other cloud technologies.
• Domain expertise with OWASP Top Ten, NIST, CIS and MITRE ATT&CK.
• 7+ years of demonstrating experience in system or application administration role(s).