Cloud Security & Vulnerability Remediation Engineer

**Introduction** A career in IBM Consulting is built on long-term client relationships and close collaboration worldwide. You’ll work with leading companies across industries, helping them shape their hybrid cloud and AI journeys. With support from our strategic partners, robust IBM technology, and Red Hat, you’ll have the tools to drive meaningful change and accelerate client impact. At IBM Consulting, curiosity fuels success. You’ll be encouraged to challenge the norm, explore new ideas, and create innovative solutions that deliver real results. Our culture of growth and empathy focuses on your long-term career development while valuing your unique skills and experiences. **Your role and responsibilities** Develop and maintain cloud security baselines and remediation workflows in line with business risk assessments and application-specific compliance requirements. Conduct continuous vulnerability scanning and posture assessments across critical AWS services and infrastructure using Wiz to identify potential threats, misconfiguration, and software vulnerabilities. Define risk-prioritized remediation strategies, leveraging the Wiz Security Graph to isolate "toxic combinations" (e.g., internet-exposed, over-privileged workloads with known vulnerabilities). Collaborate with application teams, DevOps, information security, and cloud infrastructure engineers to ensure coordinated, frictionless patching and security fixes without impacting production uptime. Lead and coordinate vulnerability remediation cycles and simulated cloud security/incident response exercises (e.g., evaluating vulnerability exploitation paths) and document remediation outcomes. Ensure compliance with relevant cloud security standards such as CIS Benchmarks, ISO 27001, AWS Foundational Security Best Practices, and internal governance frameworks. Track and report cloud security risks, unmitigated gaps, and remediation metrics (such as Mean Time to Remediate - MTTR) to IT leadership. Raise awareness and provide training/guidance on secure AWS design patterns, secure coding practices, and Wiz-driven self-remediation procedures across engineering teams. **Required technical and professional expertise** Experience in Cloud Security engineering, Cloud Security Posture Management (CSPM), or Vulnerability Management within public cloud environments. Hands-on experience with AWS Cloud infrastructure and its native security controls (e.g., IAM policies, VPC security groups, KMS, AWS Secrets Manager). Direct operational experience using Wiz (or closely related CNAPP platforms) to detect, prioritize, and drive the remediation of cloud vulnerabilities. Familiarity with container and application security, including securing Docker images, Kubernetes workloads, or serverless functions in scope. Strong documentation and technical communication skills, with the ability to translate complex security vulnerabilities into actionable Jira tickets or remediation steps for developers. Ability to work effectively with cross-functional teams and manage multiple stakeholders across development and operations environments. **Preferred technical and professional experience** Cloud Security Architecture: Exposure to designing and implementing cloud security architectures, considering native and non-native security aspects in hybrid and multi-cloud platforms. Compliance and Risk Frameworks: Experience working with compliance regulations and risk management frameworks, informing security strategy and service design. Cloud Security Technologies: Exposure to cloud security technologies and tools, leveraging knowledge to ensure effective risk mitigation and deliver security solutions. IBM is committed to creating a diverse environment and is proud to be an equal-opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, gender, gender identity or expression, sexual orientation, national origin, caste, genetics, pregnancy, disability, neurodivergence, age, veteran status, or other characteristics. IBM is also committed to compliance with all fair employment practices regarding citizenship and immigration status.