Ethical Hacker

Job Description
Change the world at IBM. There aren’t many companies who can say they have been an integral part of the global business landscape for more than a century. While the world has changed considerably over the past 100 years, IBM, our people and our offerings have continuously led the way with business and technology innovation.

Today, we are more than a hardware, software and services provider, yet we remain true to our heritage as a team of collaborative forward-thinkers, focused on making business and society work better. We are part of the fabric of everyday life and stand for world-changing progress.

Join a company where you can make an impact and literally change the world. With so many different opportunities available – the sky is the limit!

Like to solve complex technical challenges? How about finding new and unexpected ways of doing things? If this sounds like you, and you have a background and passion for security this might be the opportunity you've been looking for. Ethical Hacking gives you the ability to exercise these skills while keeping the bad guys out of our networks and applications. 

The successful candidate will have proven knowledge & passion for application security along with tenacious problem solving skills. You should also exhibit a solid understanding of networking and common protocols.

This position will involve:

• Penetration Testing on IBM products and offerings
• Threat Modeling
• Product security incident response management
• Design and implementation of custom scripts and tooling used to find and exploit security vulnerabilities
• Coordinating with development teams to provide mitigation recommendations, education, and ensuring vulnerabilities are effectively fixed
• Participating in security research and projects
• Creation and delivery of security training

This role will involve working with technology that is covered by embargo Export Regulations. If you are a Foreign National from any of the following embargoed countries (Cuba, Iran, North Korea, Sudan, and Syria) on a work permit, you are not eligible for employment in this position.


Required Technical and Professional Expertise

• 5+ years Experience with common Operating Systems including: Linux, Windows, MacOS, Android, iOS
• 2+ years Experience with most of the following tools or similar: Kali Linux, NMap, Wireshark/tcpdump, Metsploit, AppScan, Burp, Zap
• 2+ years Experience with various programming & scripting languages (at least 3 of the following): Bash, Python, JavaScript, C/C++, Java, Objective C/Swift, Nodejs, PHP, etc.
• Ability to demonstrate & experience exploiting common application vulnerability types (OWASP Top 10/SANS25): XSS, SQLi, RCE, Path Traversal, CSRF, XXE, etc.
• Understanding of common cryptographic algorithms & weaknesses.
• Familiar with common cloud architectures and services.

Preferred Tech and Prof Experience

• 3+ years penetration testing experience
• OSCP, SANS, CEH, & other certifications
• Experience in an IT/Security role
• Understanding of software engineering
• Knowledge of IBM Security products
• Interest in Social Engineering

EO Statement
IBM is committed to creating a diverse environment and is proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, or veteran status. IBM is also committed to compliance with all fair employment practices regarding citizenship and immigration status.
 

Preferred Education: Bachelor's Degree
Commissionable: No