Security Engineer

Introduction

IBM Quantum is an industry first initiative to build universal quantum computers for business, engineering and science. This effort includes advancing the entire quantum computing technology stack and exploring applications to make quantum broadly usable and accessible. With a worldwide network of Fortune 500 companies, academic institutions, researchers, educators, and enthusiasts, we are committed to driving innovation for our clients in the IBM Quantum Network and the Qiskit Community.

IBM is seeking a skilled Lead Security Engineer specialized in Quantum Computing Software in the US, reporting to T. J. Watson Research Center in Yorktown Heights, NY. This role will focus on ensuring the security, compliance, and integrity of an organization’s software applications, infrastructure, and data, with a particular emphasis on high‑tech and sensitive environments like quantum computing. The candidate will be responsible for identifying and addressing security vulnerabilities, implementing security measures, and ensuring that the product adheres to internal security policies, regulatory standards, and best practices, as well as leading the security team from a technical perspective, coordinating tasks, and guiding the team to reach goals.

This position is critical in safeguarding the organization’s assets against potential cyber threats by proactively assessing risks, applying security frameworks, and working closely with teams such as IBM’s CISO and development groups to integrate security throughout the entire product lifecycle. Good communication skills and the ability to handle fast‑paced, complex work is essential. A self‑motivated and driven individual who can work independently as well as in multi‑team settings.

• 5+ years of experience in systems engineering, software security, or related roles.
• Previous experience leading a team, delivering value, with a mindset of incremental improvement.

• Degree in Computer Science or equivalent work experience.
• Solid experience in core security principles, including network security, application security, identity and access management (IAM), data encryption, vulnerability management, and security incident response.
• Hands‑on experience with security tools for monitoring, logging, and response, including penetration testing, vulnerability scanning, intrusion detection systems (IDS), and firewall management.
• Cloud security expertise: cloud storage, network configurations, containerization (e.g., Docker, Kubernetes), and cloud‑based identity management systems.
• Experience working in Dev Sec Ops  or secure software development lifecycle (SDLC) environments, with code reviews, security testing, and collaboration with development teams to fix vulnerabilities early.
• Experience leading or contributing to incident response efforts, including identifying and mitigating security breaches, post‑incident forensic analysis, and developing prevention strategies.
• Collaboration and communication skills: ability to work effectively with cross‑functional teams, including product development, operations, and the CISO team.
• Understanding of networking concepts and security best practices.

• Experience or familiarity with the security needs of quantum computing environments, especially given the sensitivity and complexity of quantum software and infrastructure.
• Expertise in using security tools, particularly IBM QRadar for security information and event management (SIEM).
• Experience securing cloud infrastructures, particularly on IBM Cloud.
• Understanding of regulatory frameworks and compliance requirements, such as GDPR, HIPAA, SOC 2, and other industry‑specific regulations, to navigate compliance audits and ensure product meets all legal and regulatory standards.