Infrastructure & Technology Cybersecurity Remediation Engineer Professional Hursley, GB

The CISO Remediation Team is looking to add a cybersecurity Remediation Engineer as part of the overall Cyber Defense organization. In this role, you will contribute to and, over time, drive the technical resolution of security risk across the IBM enterprise, operating at the intersection of security operations, engineering, and architecture. You will help teams recover from incidents, remediate vulnerabilities, and implement durable, scalable security improvements.

Depending on the engagement and experience level, you may remediate issues directly, partner with engineering teams to drive fixes, or design repeatable remediation patterns. This role is not a primary SOC, detection, or application security pipeline ownership role, but partners closely with those teams to drive remediation outcomes.

The ideal candidate thrives in high pressure environments, thinks like both an attacker and defender, and communicates clearly with technical and non technical stakeholders.

This role spans multiple technical domains. Candidates are not expected to be experts in all areas; strong candidates demonstrate deep expertise in one or two domains and working knowledge of adjacent areas.

Your role and responsibilities

Areas of specialization may include:

• Scripting, Automation & Infrastructure as Code: Python, Ansible, Terraform, or similar tooling
• Cloud & Virtualized Environments: IBM Cloud, AWS, Azure, GCP; virtualization and container platforms
• Operating Systems & Networking: Windows or Linux; network segmentation, SDN, and isolation techniques
• Security Technologies: EDR, NGFW, IDS, SIEM, SOAR, and related platforms

Key Duties

• Support containment, recovery, and post incident remediation by identifying root causes and implementing technical fixes that reduce recurrence.
• Partner with product, engineering, and infrastructure teams to embed security within existing practices.
• Conduct security and risk assessments of applications, platforms, and infrastructure, including threat modeling and targeted technical review.
• Apply security principles to protect systems and data, ensuring availability, authentication, authorization, confidentiality, and integrity.
• Create technical documentation outlining remediation guidance and security best practices.
• Develop or implement tools to support detection, prevention and analysis of security threats.

Required Education

Bachelor's Degree

Preferred Education

Bachelor's Degree

Required technical and professional expertise

Ability to work independently or as part of a team while operating effectively in ambiguous, fast moving environments.

Strong problem solving skills with attention to detail and a proactive mindset.

Strong interpersonal and communication skills with the ability to work effectively across engineering, security, and business teams; and explain technical remediation steps to non technical stakeholders.

Ability to collaborate effectively and, with experience, influence remediation outcomes across federated teams.

Experience conducting security reviews and translating findings into actionable engineering guidance.

Experience applying and maintaining secure configurations across systems, networks, or applications.

Ability to leverage AI tools to accelerate triage, remediation recommendations, and incident response, with appropriate human review and judgement.

Knowledge of vulnerability management, common attack patterns, and mitigation techniques. (e.g., OWASP Top 10, MITRE ATT&CK.)

Preferred technical and professional experience

4 8 years of experience in security engineering or adjacent engineering roles. (e.g., networking, infrastructure, cloud, or application development.)

Experience with cloud platforms, CI/CD pipelines, containerization, and Kubernetes.

Experience using automation and AI to reduce mean time to remediation (MTTR).

Familiarity with Agile development environments.

Foundational understanding of cybersecurity frameworks and regulations and how they inform risk based remediation decisions. (e.g., NIST CSF, NIST 800 series, ISO 27001, PCI.)

Certifications are a plus but not required; hands on experience is valued most. (e.g., CISSP, CISM, OSCP, SANS, cloud security certifications.)

IBM is proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, gender, gender identity or expression, sexual orientation, national origin, genetics, pregnancy, disability, neurodivergence, age, or other characteristics protected by the applicable law. IBM is also committed to compliance with all fair employment practices regarding citizenship and immigration status.