The Db2 Ecosystem team is seeking for a Security engineers to join our deployment team in our Kochi software lab. This is your opportunity to dive into the world of coding, automation and building secure software. You'll be part of a DevOps team working on leading technology that is solving some of the world's most complex problems in Data and AI and supporting the whole Db2 development organization. You will be tasked to ensure the security and compliance of couple of application in Db2 based Data and AI system. There will be opportunities to work closely with Architects, Data Experts, Database Engine Experts, Security experts and high performance development team to diagnose and plan the delivery of secure software to IBM customers. You will nurture innovation and celebrate out-of-the box thinking. You will facilitate collaboration as well as self-organization within the team. You will ensure that we supply secure and robust software products to our internal and external customers.Your responsibilities will include:Analysing, triaging and tracking identified vulnerabilities and ensuring timely remediation by development teams.Helping development teams understand and resolve a wide range of security issue. Examples might include CVE vulnerability analytis and resolution, various test findings, secure coding practices etc.Helping compile evidence for security certifications in a timely manner.Responding to customer support cases relating to security.Improving automation around security detection and issue tracking.Work with Security Architects to ensure that every release shipped is secure as per industry standards.Lead implementation of security updates and compliance for the productMentor junior members technically and professionallyWork with the broader Db2 development team to ensure product security and stability.Programming Languages and Tools:Linux (including package managers, yum/dnf, rpm, bash)OpenshiftKubernetesDockerShell scriptingPythonGoJavaSQLGitHub and Zen-Hub for project management (Agile).Jenkins for CI/CD PipelineApplication Security testing including primarily general code scanning knowledge/experience (Static/dynamic/interactive/container scans)Db2 SecurityDatabase serversAuthentication and Authorization mechanismsPKIIAM and Cloud securitySonarqubePrimary - Linux environment, Shell Scripting, Python, Java, SQL, Docker, Kubernetes / Must have - Shell scripting, Python, Java, SQL, Kubernetes, Docker / Good to have - Go, Openshift, Jenkins,
