Job Information
IBM Security & Compliance Engineer in Bangalore, India
Introduction
At IBM Infrastructure & Technology, we design and operate the systems that keep the world running. From high-resiliency mainframes and hybrid cloud platforms to networking, automation, and site reliability. Our teams ensure the performance, security, and scalability that clients and industries depend on every day. Working in Infrastructure & Technology means tackling complex challenges with curiosity and collaboration. You’ll work with diverse technologies and colleagues worldwide to deliver resilient, future-ready solutions that power innovation. With continuous learning, career growth, and a supportive culture, IBM provides the opportunities to build expertise and shape the infrastructure that drives progress.
Your role and responsibilities
We are seeking a passionate and experienced Security & Compliance Engineer to join our team.
This role is pivotal in ensuring our cloud services meet the highest standards of security and compliance. You will work cross-functionally with engineering teams, project managers, and compliance stakeholders to identify, implement, and monitor security controls and processes.
Your work will directly contribute to the protection of our infrastructure, data, and services. The service you will be joining is Key Protect, IBM’s key management system : https://www.ibm.com/products/key-protect
Responsibilities:
[ ] Support security and compliance initiatives across Key Protect.
[ ] Collaborate with development and operations teams to mitigate security risks.
[ ] Implement, and monitor security controls and compliance processes.
[ ] Contribute to risk assessments, gap analyses, and remediation planning.
[ ] Support internal and external audits by providing evidence and documentation.
[ ] Support adherence to regulatory standards such as FedRAMP, HIPAA, GDPR, SOC 2, PCI, ISO27K, NIST, ISMAP, ENS, HITRUST, etc.
[ ] Drive improvements in patch management, vulnerability management, and access control
[ ] Maintain accurate asset inventories and ensure configuration management best practices.
[ ] Monitor logs and systems for anomalies and respond to incidents.
[ ] Participate in penetration testing and threat modeling exercises.
[ ] Communicate security requirements and findings to technical and non-technical stakeholders
Required technical and professional expertise
Experience: 4+ years in security engineering, compliance, DevOps or related roles.
Experience with cloud technologies and infrastructure.
Hands-on experience with compliance frameworks (e.g., FedRAMP, HIPAA, GDPR, SOC 2, PCI, ISO, NIST).
Knowledge of end-to-end Security and Compliance activities such as Threat Models, Security Privacy by Design.
Knowledge of Security scanning tools such as Nessus scanner, SonarQube, NMap.
Knowledge of Security concepts (includes understanding of identity mgmt./authentication, authorization, firewall, auditing, secure communication, managing certificates, password management)
IBM is committed to creating a diverse environment and is proud to be an equal-opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, gender, gender identity or expression, sexual orientation, national origin, caste, genetics, pregnancy, disability, neurodivergence, age, veteran status, or other characteristics. IBM is also committed to compliance with all fair employment practices regarding citizenship and immigration status.