AppSec Jobs
← Back to all jobs

IBM

Security & Compliance Engineer - Sovereign Cloud

Bengaluru East, Karnataka, IndiaWebsite

Full details on LinkedIn

The complete job description, requirements, and application details are available on the original posting.

About IBM

IBM, or International Business Machines Corporation, is a leading multinational technology and consulting company based in Armonk, New York. Founded in 1911, IBM has a rich history that began with the merger of three data-processing firms. The company has played a significant role in the evolution of computing, particularly with its entry into the mainframe computer market in the 1950s, where it quickly became a dominant force. IBM's diverse product portfolio includes mainframe computers, personal computers, supercomputers, software, and semiconductor chips. The company is known for its innovative contributions, such as the development of the first widely accepted high-level programming language, FORTRAN. With a strong focus on research and development, IBM holds over 40,000 active patents, showcasing its commitment to innovation and technology advancement.

Industry

information technology & services

Employees

270,000

77093 engineers

Revenue

$63B

Website

Visit →

Security at IBM

Compiled from public job postings, careers pages, and company materials. Data may not reflect current state — verify during interviews.

3 Intel Signals

Security Philosophy

  • IBM's public materials describe embedding security into the SDLC, enabling "shift-left"and transforming DevOps into DevSecOps, and an Application Security Center of Excellence that supports those practices.
  • IBM materials emphasize developer enablement and automation.
  • IBM materials reference threat modeling and prioritization using enterprise context and threat intelligence.
  • IBM public pages highlight reducing late discovery of vulnerabilities and the need to unify people, process and technology.
  • Job postings call for reducing false positives and improving remediation support.

Security Team

  • IBM public pages describe Application Security Services within IBM Consulting and reference an "Application Security Center of Excellence."No single public job title labeled 'Head of Application Security (internal)' was found.
  • Key public-facing IBM security leaders (related roles) were identified, including Dr. Ian Molloy (Department Head of the Security Department at IBM Research) and Betsy Brady (Chief Information Security Officer (CISO) at IBM Cloud).
  • Multiple IBM careers and LinkedIn job-listing entries for Application Security roles were found, with 13 matching job postings.
  • Job postings consistently list SAST, DAST, SCA, IaC scanning, secrets scanning, and threat modeling as responsibilities.

Key Initiatives

  • Public materials show emphasis on "shift-left"practices, DevSecOps toolchain integration, threat modeling, runtime application detection and response (via a partnership with Contrast), automation of remediation workflows (Jira integration), and training (application security training onsite or online).
  • Job postings mention secure SDLC activities, threat modeling, SAST/DAST/SCA, IaC and secrets scanning, and vulnerability management.

Preparing for an AppSec interview?

Get the weekly briefing 2,000+ security pros trust.