Security Specialist - STUDENT COVNERSION
Rio De Janeiro, BrazilPosted Jul 17, 2026
**Introduction**
A career in IBM Consulting is built on long-term client relationships and close collaboration worldwide. You’ll work with leading companies across industries, helping them shape their hybrid cloud and AI journeys. With support from our strategic partners, robust IBM technology, and Red Hat, you’ll have the tools to drive meaningful change and accelerate client impact. At IBM Consulting, curiosity fuels success. You’ll be encouraged to challenge the norm, explore new ideas, and create innovative solutions that deliver real results. Our culture of growth and empathy focuses on your long-term career development while valuing your unique skills and experiences.
**Your role and responsibilities**
As an Associate an entry level Security Consultant, you'll unleash your exceptional technical prowess to gather and analyze business and technical requirements, skillfully crafting and implementing resilient Enterprise-wide Access Management processes and procedures.
As an esteemed member of our collaborative advisory team, your pivotal contribution will be crucial in establishing comprehensive security measures, ensuring the safeguarding of our clients' invaluable intellectual property and assets. Your responsibilities may encompass:
Work as a team member with client personnel and other IBM teams to identify functional requirements and subsequently working with or in some instances leading others in the identification, justification and design of the client's solution.
Participate in a wide range of design activities, from requirements analysis through systems, application and/or process design specification and implementation.
Gain knowledge across multiple platforms, processes or architectures
The Security Specialist - Exposure Management is responsible for identifying, assessing, prioritizing, and driving remediation of cyber security exposures across the organization. This role focuses on reducing the organization's attack surface by managing vulnerabilities, misconfigurations, security risks, and external/internal exposures through continuous monitoring, risk analysis, and stakeholder collaboration.
**Required technical and professional expertise**
Familiarity with network design, network security, authentication, authorization techniques, and encryption protocols and standards.
Experience in one or more of the following security domains: Security Intelligence & Operations Consulting (SIOC); Data Security; Identity & Access Management, Infrastructure and Endpoint Security (IES), and/or Security Strategy Risk and Compliance (SSRC).
Exposure to software tools such as Java, Python, C/C++, Java, Ruby, GO, Golang or bash, C#; Sharepoint; Software code Testing and Test Automation is helpful.
Familiarity with network security tools for vulnerability scanning, network monitoring, network sniffing, routers, firewalls, Intrusion detection and protection, anomaly detection and encryption standards.
* Eexperience in Cyber Security, Information Security, Vulnerability Management, Exposure Management, Risk Management, or Security Operations.
* Proven experience managing enterprise-wide vulnerability and exposure management programs.
* Experience performing risk-based vulnerability prioritization and remediation tracking.
* Strong understanding of attack surface management and exposure reduction strategies.
* Experience working with cross-functional teams, including Infrastructure, Cloud, Application Development, and Security Operations.
* Knowledge of security governance, compliance, and audit requirements.
* Experience supporting security assessments, security posture reviews, and risk management activities.
* Ability to communicate complex technical risks to both technical and executive stakeholders.
* Experience operating within large, global enterprise environments.
Required Technical Expertise
Vulnerability & Exposure Management
* Strong knowledge of:
* Vulnerability Management Lifecycle
* Exposure Management methodologies
* Attack Surface Management (ASM)
* Threat and Vulnerability Assessment
* Risk-Based Vulnerability Management (RBVM)
* Security Control Validation
Security Frameworks & Standards
* Hands-on knowledge of:
* NIST Cybersecurity Framework (CSF)
* NIST 800-53
* CIS Controls
* ISO 27001 / 27002
* MITRE ATT&CK Framework
* OWASP Top 10
* CVSS, CWE, and CVE classifications
Cloud Security
* Experience securing cloud environments:
* Microsoft Azure
* Amazon Web Services (AWS)
* Google Cloud Platform (GCP)
* Understanding of:
* CSPM (Cloud Security Posture Management)
* Container Security
* Identity and Access Management (IAM)
* Cloud-native security services
Security Tools
* Experience with one or more:
* Microsoft Defender Vulnerability Management
* Microsoft Security Exposure Management
* Tenable.io / Tenable.sc
* Qualys VMDR
* Rapid7 InsightVM
* Wiz
* CrowdStrike Falcon Exposure Management
* Prisma Cloud
Threat Intelligence & Security Operations
* Understanding of:
* Threat Intelligence integration
* Vulnerability exploitation trends
* Indicators of Exposure (IoE)
* Security Incident Response processes
* SIEM platforms (Microsoft Sentinel, Splunk, QRadar)
Operating Systems & Infrastructure Security
* Strong working knowledge of:
* Windows Server
* Linux/Unix
* Active Directory / Entra ID
* Network Security
* Firewalls, IDS/IPS, VPN technologies
* Endpoint Security controls
Automation & Analytics
* Ability to automate reporting and remediation workflows using:
* PowerShell
* Python
* REST APIs
* KQL (Kusto Query Language)
* Power BI
* Security dashboards and metrics reporting
**Preferred technical and professional experience**
• Familiarity with Cloud Security: Exposure to cloud security principles, architecture, and compliance, including cloud-based security solutions and technologies.
• Knowledge of Containerization: Understanding of containerization concepts, including Docker, Kubernetes, and container orchestration.
• Experience with Agile Methodologies: Exposure to Agile development methodologies, including Scrum, Kanban, and Lean software development.
IBM is committed to creating a diverse environment and is proud to be an equal-opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, gender, gender identity or expression, sexual orientation, national origin, caste, genetics, pregnancy, disability, neurodivergence, age, veteran status, or other characteristics. IBM is also committed to compliance with all fair employment practices regarding citizenship and immigration status.