Cybersecurity Remediation Engineer 4x
Hursley, England, United Kingdom Full-time Posted 1 hour ago
Introduction
The CISO Remediation Team is looking to add a cybersecurity Remediation Engineer as part of the overall Cyber Defense organization. In this role, you will contribute to and, over time, drive the technical resolution of security risk across the IBM enterprise, operating at the intersection of security operations, engineering, and architecture. You will help teams recover from incidents, remediate vulnerabilities, and implement durable, scalable security improvements.
Depending on the engagement and experience level, you may remediate issues directly, partner with engineering teams to drive fixes, or design repeatable remediation patterns. This role is not a primary SOC, detection, or application security pipeline ownership role, but partners closely with those teams to drive remediation outcomes.
The ideal candidate thrives in high‑pressure environments, thinks like both an attacker and defender, and communicates clearly with technical and non‑technical stakeholders.
This role spans multiple technical domains. Candidates are not expected to be experts in all areas; strong candidates demonstrate deep expertise in one or two domains and working knowledge of adjacent areas.
Your Role And Responsibilities
Areas of specialization may include:
Bachelor's Degree
Required Technical And Professional Expertise
The CISO Remediation Team is looking to add a cybersecurity Remediation Engineer as part of the overall Cyber Defense organization. In this role, you will contribute to and, over time, drive the technical resolution of security risk across the IBM enterprise, operating at the intersection of security operations, engineering, and architecture. You will help teams recover from incidents, remediate vulnerabilities, and implement durable, scalable security improvements.
Depending on the engagement and experience level, you may remediate issues directly, partner with engineering teams to drive fixes, or design repeatable remediation patterns. This role is not a primary SOC, detection, or application security pipeline ownership role, but partners closely with those teams to drive remediation outcomes.
The ideal candidate thrives in high‑pressure environments, thinks like both an attacker and defender, and communicates clearly with technical and non‑technical stakeholders.
This role spans multiple technical domains. Candidates are not expected to be experts in all areas; strong candidates demonstrate deep expertise in one or two domains and working knowledge of adjacent areas.
Your Role And Responsibilities
Areas of specialization may include:
- Scripting, Automation & Infrastructure as Code: Python, Ansible, Terraform, or similar tooling
- Cloud & Virtualized Environments:IBM Cloud, AWS, Azure, GCP; virtualization and container platforms
- Operating Systems & Networking:Windows or Linux; network segmentation, SDN, and isolation techniques
- Security Technologies: EDR, NGFW, IDS, SIEM, SOAR, and related platforms
- Support containment, recovery, and post-incident remediation by identifying root causes and implementing technical fixes that reduce recurrence.
- Partner with product, engineering, and infrastructure teams to embed security within existing practices.
- Conduct security and risk assessments of applications, platforms, and infrastructure, including threat modelling and targeted technical review.
- Apply security principles to protect systems and data, ensuring availability, authentication, authorization, confidentiality, and integrity.
- Create technical documentation outlining remediation guidance and security best practices.
- Develop or implement tools to support detection, prevention and analysis of security threats.
Bachelor's Degree
Required Technical And Professional Expertise
- Knowledge of vulnerability management, common attack patterns, and mitigation techniques. (e.g., OWASP Top 10, MITRE ATT&CK.)
- Experience conducting security reviews andtranslating findings into actionable engineering guidance.
- Experience applying and maintaining secure configurations across systems, networks, or applications.
- Ability to collaborate effectively and, with experience, influence remediation outcomes across federated teams.
- Ability to leverage AI tools to accelerate triage, remediation recommendations, and incident response, with appropriate human review and judgement.
- Ability to work independently or as part of a team while operating effectively in ambiguous, fast‑moving environments.
- Strong problem‑solving skills with attention to detail and a proactive mindset.
- Strong interpersonal and communication skills with the ability to work effectively across engineering, security, and business teams; and explain technical remediation steps to non-technical stakeholders.
- Experience in security engineering or adjacent engineering roles. (e.g., networking, infrastructure, cloud, or application development.)
- Experience supporting incident response or post‑incident remediation.
- Experience with cloud platforms, CI/CD pipelines, containerization, and Kubernetes.
- Experience using automation and AI to reduce mean time to remediation (MTTR).
- Familiarity with Agile development environments.
- Foundational understanding of cybersecurity frameworks and regulations and how they inform risk‑based remediation decisions. (e.g., NIST CSF, NIST 800-series, ISO 27001, PCI.)
- Certifications are a plus but not required; hands‑on experience is valued most. (e.g., CISSP, CISM, OSCP, SANS, cloud security certifications.)