Security Engineer
IBM · Yorktown Heights, NY
- On site
- Full-time
- $120,000 / year
- Yorktown Heights, NY
Job highlights
- Secure quantum computing software and infrastructure.
- Identify and mitigate security vulnerabilities.
- Implement security measures and policies.
- Work with CISO and development teams.
- Ensure compliance with regulatory standards.
About the role
About IBM Quantum
IBM Quantum is an industry-first initiative to build universal quantum computers for business, engineering, and science. This effort includes advancing the entire quantum computing technology stack and exploring applications to make quantum broadly usable and accessible. With a worldwide network of Fortune 500 companies, academic institutions, researchers, educators, and enthusiasts, we are committed to driving innovation for our clients in the IBM Quantum Network and the Qiskit Community.Your Role And Responsibilities
IBM is seeking a skilled Security Engineer specialized in Quantum Computing Software in the US, reporting to T. J. Watson Research Center in Yorktown Heights, NY. This role will focus on ensuring the security, compliance, and integrity of an organization's software applications, infrastructure, and data, with a particular emphasis on high-tech and sensitive environments like quantum computing. The candidate will be responsible for identifying and addressing security vulnerabilities, implementing security measures, and ensuring that the product adheres to internal security policies, regulatory standards, and best practices.This position is critical in safeguarding the organization's assets against potential cyber threats by proactively assessing risks, applying security frameworks, and working closely with teams such as IBM's CISO and development groups to integrate security throughout the entire product lifecycle.
Good communication skills and the ability to handle fast-paced, complex work are essential. A self-motivated and driven individual who can work independently as well as in multi-team settings.
5+ years of experience in systems engineering, software security, or related roles.
Preferred Education
Bachelor's DegreeRequired Technical And Professional Expertise
- Degree in Computer Science or equivalent, or equivalent work experience.
- Solid experience in core security principles, including network security, application security, identity and access management (IAM), data encryption, vulnerability management, and security incident response.
- Hands-on experience with security tools for security monitoring, logging, and response, including experience with penetration testing, vulnerability scanning, intrusion detection systems (IDS), and firewall management.
- Cloud security expertise, including cloud storage, network configurations, containerization (e.g., Docker, Kubernetes), and cloud-based identity management systems.
- Experience working in DevSecOps or secure software development lifecycle (SDLC) environments, where security practices are integrated into every stage of development. This includes conducting code reviews, security testing, and working with development teams to fix vulnerabilities early in the development process.
- Experience in leading or contributing to incident response efforts, including identifying and mitigating security breaches, conducting post-incident forensic analysis, and developing strategies to prevent similar incidents in the future.
- Deep understanding of networking concepts and security best practices, including TCP/IP stack, DNS, HTTP/S, VPNs, and network segmentation strategies.
- Hands-on experience designing and managing secure network architectures, including the configuration and management of firewalls, load balancers, proxies, and intrusion detection/prevention systems (IDS/IPS).
- Experience with network traffic analysis and monitoring tools (e.g., Wireshark, NetFlow, or equivalent) to detect anomalous behavior and potential threats.
- Collaboration and communication skills: the ability to work effectively with cross-functional teams, including product development, operations, and the CISO team, is essential. Strong communication skills are required to articulate security risks, vulnerabilities, and solutions to both technical and non-technical stakeholders.
Preferred Technical And Professional Experience
- Experience or familiarity with the security needs of quantum computing environments, especially given the sensitivity and complexity of quantum software and infrastructure. Understanding of how quantum computing interacts with existing security systems, how data is handled, and how quantum-specific encryption methods apply.
- Expertise in using security tools, particularly IBM QRadar for security information and event management (SIEM).
- Experience securing cloud infrastructures, particularly on IBM Cloud.
- Familiarity with software-defined networking (SDN) and network function virtualization (NFV) technologies, and their security implications in hybrid and cloud environments.
- Understanding of regulatory frameworks and compliance requirements, such as GDPR, HIPAA, SOC 2, and other industry-specific regulations. The Security Engineer should be able to navigate compliance audits and ensure that the product meets all legal and regulatory standards.
Key skills/competency
IBM is seeking a Security Engineer specialized in Quantum Computing Software. Key skills include core security principles (network security, application security, IAM, data encryption, vulnerability management, incident response), security tools (penetration testing, vulnerability scanning, IDS, firewall management), cloud security (storage, network configurations, containerization, IAM), DevSecOps, secure SDLC, incident response, networking concepts (TCP/IP, DNS, HTTP/S, VPNs), secure network architecture design, network traffic analysis, and collaboration/communication. Familiarity with quantum computing security needs and IBM QRadar is preferred.Skills & topics
- Security Engineer
- Quantum Computing
- Cybersecurity
- Software Security
- Network Security
- Cloud Security
- DevSecOps
- Incident Response
- Vulnerability Management
- IBM QRadar
- IBM Cloud
- Computer Science
- IT Security
- Risk Assessment
- Compliance
How to get hired
- Tailor your resume: Highlight your experience in core security principles, cloud security, DevSecOps, and network security, emphasizing any quantum computing exposure.
- Showcase technical skills: Detail your hands-on experience with security tools, penetration testing, vulnerability scanning, and incident response in your application.
- Demonstrate understanding of IBM: Research IBM's commitment to quantum computing and AI, and align your skills with their innovation-driven culture.
- Prepare for behavioral questions: Be ready to discuss your collaboration skills, problem-solving approach in complex environments, and how you handle fast-paced work.
- Network strategically: Connect with IBM employees in security or quantum computing roles on LinkedIn to gain insights and potentially find referrals.
Technical preparation
Master core security principles and frameworks.,Gain hands-on experience with security tools.,Deepen cloud security and containerization knowledge.,Study quantum computing security challenges.
Behavioral questions
Describe a complex security incident you resolved.,How do you collaborate with development teams?,How do you handle fast-paced, high-pressure work?,How do you stay updated on emerging threats?
Frequently asked questions
- What specific security challenges does IBM Quantum face that a Security Engineer would address?
- IBM Quantum deals with highly sensitive quantum software and infrastructure. A Security Engineer would address challenges like protecting proprietary algorithms, securing complex network configurations for quantum systems, ensuring data integrity during quantum computations, and safeguarding against novel cyber threats unique to this advanced technology.
- What is the role of the Security Engineer in the IBM Quantum product lifecycle?
- The Security Engineer integrates security throughout the product lifecycle. This involves proactive risk assessment, identifying vulnerabilities, implementing security measures from development to deployment, conducting code reviews, security testing, and ensuring adherence to internal policies and external regulations for quantum computing solutions.
- How important is experience with quantum computing for this Security Engineer role at IBM?
- While not strictly required, experience or familiarity with the security needs of quantum computing environments is highly preferred. Understanding how quantum computing interacts with existing security systems, data handling, and potential quantum-specific encryption methods is a significant advantage for this role.
- What security tools are emphasized for this Security Engineer position at IBM Quantum?
- The role requires hands-on experience with various security tools for monitoring, logging, response, penetration testing, and vulnerability scanning. Expertise with IBM QRadar for SIEM is specifically mentioned as preferred. General experience with IDS, firewalls, Wireshark, and NetFlow is also crucial.
- How does this Security Engineer role contribute to IBM's broader security initiatives?
- This role is critical in safeguarding IBM's quantum assets. The Security Engineer works closely with IBM's CISO and development teams, applying security frameworks and best practices to ensure the integrity and compliance of cutting-edge quantum technology, contributing directly to IBM's reputation for robust security.
- What are the key networking concepts a Security Engineer needs for this IBM Quantum role?
- A deep understanding of networking is essential, including TCP/IP stack, DNS, HTTP/S, VPNs, and network segmentation strategies. The engineer will design and manage secure network architectures, configure firewalls, load balancers, proxies, and IDS/IPS, and analyze network traffic for threats.