Cybersecurity Remediation Engineer
Introduction
At IBM Infrastructure & Technology, we design and operate the systems that keep the world running. From high-resiliency mainframes and hybrid cloud platforms to networking, automation, and site reliability. Our teams ensure the performance, security, and scalability that clients and industries depend on every day. Working in Infrastructure & Technology means tackling complex challenges with curiosity and collaboration. You’ll work with diverse technologies and colleagues worldwide to deliver resilient, future-ready solutions that power innovation. With continuous learning, career growth, and a supportive culture, IBM provides the opportunities to build expertise and shape the infrastructure that drives progress.
Your Role And Responsibilities
The CISO Remediation Team is looking to add a cybersecurity Remediation Engineer as part of the overall Cyber Defense organization. In this role, you will contribute to and, over time, drive the technical resolution of security risk across the IBM enterprise, operating at the intersection of security operations, engineering, and architecture. You will help teams recover from incidents, remediate vulnerabilities, and implement durable, scalable security improvements.
Depending on the engagement and experience level, you may remediate issues directly, partner with engineering teams to drive fixes, or design repeatable remediation patterns. This role is not a primary SOC, detection, or application security pipeline ownership role, but partners closely with those teams to drive remediation outcomes.
The ideal candidate thrives in high‑pressure environments, thinks like both an attacker and defender, and communicates clearly with technical and non‑technical stakeholders.
This role spans multiple technical domains. Candidates are not expected to be experts in all areas; strong candidates demonstrate deep expertise in one or two domains and working knowledge of adjacent areas.
Areas Of Specialization May Include
At IBM Infrastructure & Technology, we design and operate the systems that keep the world running. From high-resiliency mainframes and hybrid cloud platforms to networking, automation, and site reliability. Our teams ensure the performance, security, and scalability that clients and industries depend on every day. Working in Infrastructure & Technology means tackling complex challenges with curiosity and collaboration. You’ll work with diverse technologies and colleagues worldwide to deliver resilient, future-ready solutions that power innovation. With continuous learning, career growth, and a supportive culture, IBM provides the opportunities to build expertise and shape the infrastructure that drives progress.
Your Role And Responsibilities
The CISO Remediation Team is looking to add a cybersecurity Remediation Engineer as part of the overall Cyber Defense organization. In this role, you will contribute to and, over time, drive the technical resolution of security risk across the IBM enterprise, operating at the intersection of security operations, engineering, and architecture. You will help teams recover from incidents, remediate vulnerabilities, and implement durable, scalable security improvements.
Depending on the engagement and experience level, you may remediate issues directly, partner with engineering teams to drive fixes, or design repeatable remediation patterns. This role is not a primary SOC, detection, or application security pipeline ownership role, but partners closely with those teams to drive remediation outcomes.
The ideal candidate thrives in high‑pressure environments, thinks like both an attacker and defender, and communicates clearly with technical and non‑technical stakeholders.
This role spans multiple technical domains. Candidates are not expected to be experts in all areas; strong candidates demonstrate deep expertise in one or two domains and working knowledge of adjacent areas.
Areas Of Specialization May Include
- Scripting, Automation & Infrastructure as Code: Python, Ansible, Terraform, or similar tooling
- Cloud & Virtualized Environments: IBM Cloud, AWS, Azure, GCP; virtualization and container platforms
- Operating Systems & Networking: Windows or Linux; network segmentation, SDN, and isolation techniques
- Security Technologies: EDR, NGFW, IDS, SIEM, SOAR, and related platforms
- Support containment, recovery, and post-incident remediation by identifying root causes and implementing technical fixes that reduce recurrence.
- Partner with product, engineering, and infrastructure teams to embed security within existing practices.
- Conduct security and risk assessments of applications, platforms, and infrastructure, including threat modeling and targeted technical review
- Apply security principles to protect systems and data, ensuring availability, authentication, authorization, confidentiality, and integrity.
- Create technical documentation outlining remediation guidance and security best practices.
- Develop or implement tools to support detection, prevention and analysis of security threats.
- Ability to work independently or as part of a team while operating effectively in ambiguous, fast‑moving environments.
- Strong problem‑solving skills with attention to detail and a proactive mindset.
- Strong interpersonal and communication skills with the ability to work effectively across engineering, security, and business teams; and explain technical remediation steps to non-technical stakeholders.
- Ability to collaborate effectively and, with experience, influence remediation outcomes across federated teams.
- Experience conducting security reviews and translating findings into actionable engineering guidance.
- Experience applying and maintaining secure configurations across systems, networks, or applications.
- Ability to leverage AI tools to accelerate triage, remediation recommendations, and incident response, with appropriate human review and judgement.
- Knowledge of vulnerability management, common attack patterns, and mitigation techniques. (e.g., OWASP Top 10, MITRE ATT&CK.)
- ~4-8 years of experience in security engineering or adjacent engineering roles. (e.g., networking, infrastructure, cloud, or application development.)
- Experience supporting incident response or post‑incident remediation.
- Experience with cloud platforms, CI/CD pipelines, containerization, and Kubernetes.
- Experience using automation and AI to reduce mean time to remediation (MTTR).
- Familiarity with Agile development environments.
- Foundational understanding of cybersecurity frameworks and regulations and how they inform risk‑based remediation decisions. (e.g., NIST CSF, NIST 800-series, ISO 27001, PCI.)
- Certifications are a plus but not required; hands‑on experience is valued most. (e.g., CISSP, CISM, OSCP, SANS, cloud security certifications.)
Recommended Jobs
Cyber Security Analyst
Posted 5 hours ago
Cyber Security Engineer
Posted 5 hours ago
Senior Manager, Cybersecurity and Network
Posted 5 hours ago
Cyber Security Incident Analyst
Posted 5 hours ago
Cybersecurity Engineer
Posted 5 hours ago