IBM
Cybersecurity Remediation Specialist

How your CV stacks up
Upload your CV to see how well it fits this job role
?%
Cybersecurity Remediation Specialist
Cybersecurity Remediation Engineer
Introduction
The CISO Remediation Team is looking to add a cybersecurity Remediation Engineer as part of the overall Cyber Defense organisation. In this role, you will contribute to and drive the technical resolution of security risks across IBM enterprise, operating at the intersection of security operations, engineering, and architecture.
You will help teams recover from incidents, remediate vulnerabilities, and implement durable, scalable security improvements.
Depending on the engagement and experience level, you may:
- Remediate issues directly
- Partner with engineering teams to drive fixes
- Design repeatable remediation patterns
This role is not a primary SOC, detection, or application security pipeline ownership role, but partners closely with those teams to drive remediation outcomes.
The ideal candidate thrives in high-pressure environments, thinks like both an attacker and defender, and communicates clearly with technical and non-technical stakeholders.
Key Responsibilities
Focus Areas
This role spans multiple technical domains. Candidates are not expected to be experts in all areas, but strong candidates demonstrate deep expertise in one or two domains, with working knowledge of adjacent areas.
Areas of Specialization May Include
- Scripting, Automation & Infrastructure as Code
- Python, Ansible, Terraform, or similar tooling
- Cloud & Virtualized Environments
- IBM Cloud, AWS, Azure, GCP; virtualisation and container platforms
- Operating Systems & Networking
- Windows or Linux; network segmentation, SDN, and isolation techniques
- Security Technologies
- EDR, NGFW, IDS, SIEM, SOAR, and related platforms
Reasons to use Rodeo
I’m in my final year doing Economics and I don’t know whether to apply for grad schemes now or do a masters first. What do you think?
Honest answer — it depends on where you want to end up. A lot of top grad schemes (Big 4, civil service, banking) don’t need a masters. Let’s look at the ones you’d be competitive for now, and we can decide if a masters actually adds anything.
Also worth knowing: most autumn 2026 applications are open now. Timing matters more than you think.
Start with a chat, not a search bar
Grad scheme, placement, apprenticeship? Not sure what you want yet — that's fine. Your agent talks it through with you and turns "I have no idea" into a shortlist.
Graduate Consultant — 2026 Scheme
Why you're a good match
StrongYour economics background and your summer at a regional bank line up with what PwC looks for on the consulting scheme. Applications close in four weeks.
See breakdownIt searches the market for you
Every day your agent scans the market matching roles against what actually matters to you, not just keywords on a CV.
Why you're a good match
You’ve got the grades and the economics background, and your bank internship is exactly the experience this scheme looks for. Apply soon — deadlines close within the month.
Experience fit
Your summer at the bank plus your econometrics coursework map directly to the day-one responsibilities on this scheme — client modelling, market briefings, and deal support.
Only hits
No noise. No "maybe this fits." Just roles with a clear explanation of why they're right — and where to focus when applying.
Key Duties
- Support containment, recovery, and post-incident remediation by:
- Identifying root causes and implementing technical fixes that reduce recurrence risk
- Partner with product, engineering, and infrastructure teams to embed security within existing practices
- Conduct security and risk assessments of applications, platforms, and infrastructure, including:
- Threat modelling
- Targeted technical review
- Apply security principles to protect systems and data, ensuring:
- Availability
- Authentication
- Authorization
- Confidentiality
- Integrity
- Create technical documentation outlining remediation guidance and security best practices
- Develop or implement tools to support:
- Detection
- Prevention
- Analysis of security threats
Required Technical and Professional Expertise
- Ability to work independently or as part of a team, operating effectively in:
- Ambiguous
- Fast-moving environments
- Strong problem-solving skills, with attention to detail and a proactive mindset
- Strong interpersonal and communication skills, enabling ability to work effectively across:
- Engineering teams
- Security teams
- Business stakeholders
- Explain technological remediation steps to non-technical stakeholders
- Ability to collaborate effectively and, with experience, influence remediation outcomes across federated teams
- Experience conducting security reviews and translating findings into actionable engineering guidance
- Experience applying and maintaining secure configurations across systems, networks, or applications
- Ability to leverage AI tools to:
- Accelerate triage
- Generate remediation recommendations
- Enhance incident response, with appropriate human review and judgement
- Knowledge of:
- Vulnerability management
- Common attack patterns
- Mitigation techniques
- (e.g., OWASP Top 10, MITRE ATT&CK)


Get help with your application
Your very own career expert that helps elevate your application to the next level.
Preferred Technical and Professional Experience
- 4-8 years of experience in:
- Security engineering
- Adjacent engineering roles (e.g., networking, infrastructure, cloud, or application development)
- Experience with:
- Incident response
- Post-incident remediation
- Knowledge of:
- Cloud platforms
- CI/CD pipelines
- Containerisation
- Kubernetes
- Expertise in using automation and AI to reduce Mean Time to Remediation (MTTR)
- Familiarity with Agile development environments
- Foundational understanding of cybersecurity frameworks and regulations, including how they inform risk-based remediation decisions:
- NIST CSF
- NIST 800-series
- ISO 27001
- PCI
- Certifications (a plus but not required); hands-on experience prioritised:
- CISSP, CISM, OSCP, SANS
- Cloud security certifications
“It took my CV and asked me questions relevant to understanding what kind of jobs to suggest for me. Suggestions were almost perfect. Jobs were exactly what I’ve been looking for.”
Jessica, London
Skills
Location