IBM
Cybersecurity Remediation Engineer 4x

How your CV stacks up
Upload your CV to see how well it fits this job role
?%
CISO Remediation Engineer
About the Role
The CISO Remediation Team within IBM’s Cyber Defense organization is seeking a cybersecurity Remediation Engineer. In this role, you’ll:
- Contribute to and, over time, drive technical resolution of security risk across the IBM enterprise.
- Operate at the intersection of security operations, engineering, and architecture, collaborating with incident response, detection, and application security teams.
- Focus on recovering from incidents, remediating vulnerabilities, and implementing scalable security improvements.
This role is not a primary SOC, detection, or application security pipeline ownership position but instead partners closely with those teams to accelerate remediation outcomes.
The ideal candidate:
- Thrives under high-pressure environments.
- Can think like both an attacker and defender.
- Communicates effectively with technical and non-technical stakeholders.
The role spans multiple technical domains—expertise in one or two areas is ideal, with a broad understanding of adjacent technologies.
Areas of Specialization
The candidate may specialise in (but is not limited to):
- Scripting, Automation & Infrastructure as Code
- Python, Ansible, Terraform
- Cloud & Virtualized Environments
- IBM Cloud, AWS, Azure, GCP; virtualization and container platforms
- Operating Systems & Networking
- Windows or Linux; network segmentation, SDN, and isolation techniques
- Security Technologies
- EDR, NGFW, IDS, SIEM, SOAR, and related platforms
Reasons to use Rodeo
I’m in my final year doing Economics and I don’t know whether to apply for grad schemes now or do a masters first. What do you think?
Honest answer — it depends on where you want to end up. A lot of top grad schemes (Big 4, civil service, banking) don’t need a masters. Let’s look at the ones you’d be competitive for now, and we can decide if a masters actually adds anything.
Also worth knowing: most autumn 2026 applications are open now. Timing matters more than you think.
Start with a chat, not a search bar
Grad scheme, placement, apprenticeship? Not sure what you want yet — that's fine. Your agent talks it through with you and turns "I have no idea" into a shortlist.
Graduate Consultant — 2026 Scheme
Why you're a good match
StrongYour economics background and your summer at a regional bank line up with what PwC looks for on the consulting scheme. Applications close in four weeks.
See breakdownIt searches the market for you
Every day your agent scans the market matching roles against what actually matters to you, not just keywords on a CV.
Why you're a good match
You’ve got the grades and the economics background, and your bank internship is exactly the experience this scheme looks for. Apply soon — deadlines close within the month.
Experience fit
Your summer at the bank plus your econometrics coursework map directly to the day-one responsibilities on this scheme — client modelling, market briefings, and deal support.
Only hits
No noise. No "maybe this fits." Just roles with a clear explanation of why they're right — and where to focus when applying.
Key Responsibilities
- Support containment, recovery, and post-incident remediation by:
- Identifying root causes of security incidents.
- Implementing technical fixes that reduce recurrence risks.
- Partner with product, engineering, and infrastructure teams to:
- Embed security into existing practices.
- Embed secure coding and design principles into development workflows.
- Conduct security and risk assessments of:
- Applications, platforms, and infrastructure.
- Threat modelling and technical support for zero-trust, least-privilege access controls.
- Apply security principles to ensure availability, authentication, authorization, confidentiality, and integrity.
- Develop and publish technical documentation covering:
- Remediation guidance.
- Security best practices, and risk mitigation frameworks.
- Design, build, or deploy tools to support:
- Threat detection, prevention, and AI-assisted analysis.
Preferred Education
- Bachelor’s Degree (or equivalent)
Required Technical & Professional Expertise
Core Competencies
- Knowledge of:
- Vulnerability management.
- Common attack patterns (e.g., OWASP Top 10, MITRE ATT&CK).
- Mitigation techniques.
- Experience:
- Conducting security reviews and translating findings into actionable engineering guidance.
- Applying and maintaining secure configurations across systems, networks, or applications.
- Ability to:
- Collaborate effectively and influence remediation outcomes across federated teams.
- Leverage AI tools for:
- Accelerating triage.
- Providing remediation recommendations.
- Supporting incident response (with human oversight).
- Operate independently or as part of a high-pressure, fast-moving team.
- Critical thinking skills:
- Strong problem-solving.
- Attention to detail.
- Proactive approach.


Get help with your application
Your very own career expert that helps elevate your application to the next level.
Communication & Stakeholder Engagement
- Exceptional interpersonal skills with the ability to:
- Bridge gaps between security, engineering, and business teams.
- Explain technical remediation steps to non-technical stakeholders.
Preferred Technical & Professional Experience
Enhanced Skills & Background
- Experience in security engineering or adjacent areas:
- Networking, infrastructure, cloud, or application development.
- Hands-on experience in:
- Incident response or post-incident remediation.
- Cloud platforms (IaaS/PaaS), CI/CD pipelines, containerization, and Kubernetes.
- Knowledge of automation and AI to:
- Reduce mean time to remediation (MTTR).
- Familiarity with Agile development environments.
- Foundational knowledge of:
- Cybersecurity frameworks (NIST CSF, NIST 800-series, ISO 27001, PCI).
- How frameworks inform risk-based remediation decisions.
Certifications (Not Mandatory but Valued)
- CISSP, CISM, OSCP, SANS, or cloud security specialisations.
“It took my CV and asked me questions relevant to understanding what kind of jobs to suggest for me. Suggestions were almost perfect. Jobs were exactly what I’ve been looking for.”
Jessica, London
Skills