Enterprise Operations Security Engineer Professional

At IBM Software, we transform client challenges into solutions. Building the world’s leading AI‑powered, cloud‑native products that shape the future of business and society. Our legacy of innovation creates endless opportunities for IBMers to learn, grow, and make an impact on a global scale. Working in Software means joining a team fueled by curiosity and collaboration.

We are looking for a Product Security Engineer to help scale our software supply chain and application security functions, providing innovative solutions across the Hashi Corp suite of industry‑leading products available as cloud, self‑managed, and community offerings.

• Contribute to solutions that secure the software supply chain for Hashi Corp products, across our cloud, self‑managed, and community product portfolio.
• Monitor supply chain security threats and vulnerabilities impacting Hashi Corp products and services, develop mitigations, and assess/communicate associated risks to stakeholders.
• Serve as subject matter expert (SME) on multiple supply chain and application security areas (e.g., ASPM, SCA, SAST, DAST, container security, etc.).
• Contribute to the development and maintenance of security solutions across the product life‑cycle, such as standalone security tools, CI/CD pipeline integrations, and vulnerability management systems.
• Research emerging supply chain attack vectors and techniques, helping identify potential threats to Hashi Corp’s products.
• Collaborate with cross‑functional teams to implement security standards and participate in secure code reviews.

We’re looking for a candidate with good written and verbal communication skills, knowledge of supply chain and application security topics, who brings a pragmatic approach to security and has the ability to empathize with engineers and product managers across the company.

• High School Diploma/GED (required);
  Bachelor’s Degree preferred.
• 5+ years of security experience.
• Experience building or maintaining security automation within CI/CD pipelines; proficiency with Git Hub Advanced Security and Git Hub Actions security considerations.
• Ability to balance security requirements with engineering velocity.
• Practical knowledge of application and infrastructure security testing methodologies and tools (SAST, DAST, SCA, Container security).
• Familiarity with modern engineering practices, processes, and tools, particularly related to the Go programming language and ecosystem.
• Experience with secure development practices and their integration into broader engineering activities.
• Understanding of software supply chain security concepts, such as SBOM generation and vulnerability management best practices.
• Experience working with and supporting product engineering teams in cloud environments.

• Familiarity with container security and Kubernetes or Nomad environments.

IBM is proud to be an equal‑opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, gender, gender identity or expression, sexual orientation, national origin, genetics, pregnancy, disability, neuro‑divergence, age, or other characteristics protected by the applicable law. IBM is also committed to compliance with all fair employment practices regarding citizenship and immigration status.

Job Title:

Security Engineer
Job

Location:

LOWELL, San Jose, Austin, Texas, Massachusetts, California, United States
Work arrangement:
Hybrid

Employment type:

Regular
Projected salary range: $77,000 – $132,000 per year