"Alerted.org

Introduction

IBM Quantum is an industry first initiative to build universal quantum computers for business, engineering and science. This effort includes advancing the entire quantum computing technology stack and exploring applications to make quantum broadly usable and accessible. With a worldwide network of Fortune 500 companies, academic institutions, researchers, educators, and enthusiasts, we are committed to driving innovation for our clients in the IBM Quantum Network and the Qiskit Community.

Your role and responsibilities

IBM is seeking a proven and highly skilled Lead Security Engineer specialized in architecting and operating secure hybrid cloud offerings, knowledge of Quantum Computing is a plus. The position is in the US, reporting to T. J. Watson Research Center in Yorktown Heights, NY. This role will focus on ensuring the security, compliance, and integrity of an organization’s software applications, infrastructure, and data, with a particular emphasis on high-tech and sensitive environments like quantum computing. The candidate will be responsible for leading a team whose responsibilities include: Risk Management, Threat Modelling, Security Architecture (Cloud and On-Prem), Network Security, Compliance (internal policies and standards), Secure Development Lifecycle Practices, Vulnerability Management, Incident investigation and response, Data Privacy and Protection, Access Management and setting Policies for Quantum team. The role includes hands on contributions to the teams’ work in the above areas as well as leading the security team from a technical perspective, dividing work, assigning tasks, and guiding the team to meet milestones and provide impact to the Quantum Offerings.

This position is critical in safeguarding the organization’s assets against potential cyber threats by proactively assessing risks, applying security frameworks and working closely with teams such as IBM’s Chief Security Information Officer (CISO) and development groups to integrate security throughout the entire product lifecycle.

The ideal candidate will have excellent communication skills and the ability to handle fast-paced, complex work is essential. The candidate must be a self-motivated and driven individual who can work independently as well as in multi-team settings. A minimum of 5+ years of experience in leading software security, network security, ethical hacking, cybersecurity, identity and access management or related roles. CISSP a plus.

Required technical and professional expertise

* Solid experience in core security principles, including network security, application security, identity and access management (IAM), data encryption, vulnerability management, threat modelling, data privacy and security incident response.

* Hands-on Experience with Security Tools for security monitoring, logging, and response, including experience with penetration testing, vulnerability scanning, intrusion detection systems (IDS), network practices, and firewall management.

* Cloud Security Expertise, cloud storage, network configurations, containerization (e.g., Docker, Kubernetes), and cloud-based identity management systems.

* Experience working in DevSecOps or secure software development lifecycle (SDLC) environments, where security practices are integrated into every stage of development, is important. This includes conducting code reviews, security testing, and working with development teams to fix vulnerabilities early in the development process.

* Experience in leading or contributing to incident response efforts, including identifying and mitigating security breaches, conducting post-incident forensic analysis, and developing strategies to prevent similar incidents in the future.

* Collaboration and Communication Skills: The ability to work effectively with cross-functional teams, including product development, operations, and the CISO team, is essential. Strong communication skills are required to articulate security risks, vulnerabilities, and solutions to both technical and non-technical stakeholders.

Preferred technical and professional experience

* Experience or familiarity with the security needs of quantum computing environments, especially given the sensitivity and complexity of quantum software and infrastructure. Understanding how quantum computing interacts with existing security systems, how data is handled, and how quantum-specific encryption methods apply.

* Expertise in using security tools, particularly IBM QRadar for security information and event management (SIEM),

* Experience securing cloud infrastructures, particularly on IBM Cloud.

* Understanding regulatory frameworks and compliance requirements, such as GDPR, HIPAA, SOC 2, FEDRAMP and other industry-specific regulations, is critical. The Security Engineer should be able to navigate compliance audits and ensure that the product meets all legal and regulatory standards

IBM is committed to creating a diverse environment and is proud to be an equal-opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, gender, gender identity or expression, sexual orientation, national origin, caste, genetics, pregnancy, disability, neurodivergence, age, veteran status, or other characteristics. IBM is also committed to compliance with all fair employment practices regarding citizenship and immigration status.