IBM Automation - Security Engineer Product Security

Introduction

Security Engineer

coding and automation skills

Product team

Your Role And Responsibilities

Lead Security Engineer Product Security (with Coding Expertise)

Preferred Education

Required Technical And Professional Expertise

• Perform application security assessments, code reviews, and threat modeling for new features and releases.
• Develop secure coding guidelines, automation tools, and scripts to enhance security posture.
• Integrate security checks into CI/CD pipelines (SAST, DAST, Twist log etc.).
• Analyze and remediate vulnerabilities across cloud, APIs, and backend services.
• Work with the DevOps and SRE teams to ensure secure infrastructure configurations and compliance.
• Collaborate with product and engineering teams on security process, development, and deployment phases.
• Conduct incident response and root cause analysis for security events related to product environments.
• Partner with QA and platform teams to ensure secure release readiness.
• Keep up-to-date with emerging threats, attack vectors, and mitigation techniques.
• Strong Knowledge on PSIRT process
• Proficiency in one or more programming languages: Python, Go lang.
• Strong understanding of web application security, API security.
• Hands-on experience with SAST, DAST, SCA tools (e.g., SonarQube, Twistlock, Mend SCA , Detect secret, Zap etc.).
• Experience with cloud security (AWS / Azure / GCP) and containerized environments (Docker, Kubernetes).
• Familiarity with CI/CD pipelines and integrating security controls in DevOps workflows.
• Knowledge of authentication and authorization frameworks
• Strong analytical and problem-solving skills with attention to detail.
  

Preferred Technical And Professional Experience

• Experience in SaaS or Product-based environments.
• Knowledge of security automation, policy-as-code, or custom tooling development.
• Relevant certifications (e.g., OSCP, CEH, GCP/AWS Security Specialty, CISSP) are a plus.