IBM Infrastructure & Endpoint Security (IES) Consultant in New York, New York

The Infrastructure & Endpoint Security (IES) Consultant in the IBM North America IES Services Practice is an experienced network security professional that can speak to the security landscape and have the ability to communicate effectively with senior members of client management and/or executive teams. The consultant should have a depth of knowledge and experience in Network & Infrastructure Security, as well as Endpoint Security Solutions, however, should have basic knowledge to the breadth of the security landscape as well. The IES Consultant will participate in the delivery of security consulting services on transformation programs and projects.

Core Consulting Skills:

• Demonstrated communication and presentation skills

• Effective written skills

• Ability to research and develop new security offerings

• Comfortable working in a project based / client serving model

• Ability to work easily with diverse and dynamic teams

• Ability to work in a matrix management model

Security Domain Knowledge:

• Depth of knowledge in one or more of the core security IES domains:

o Network Security Architecture

o Intrusion Detection/Prevention Architecture

o Network Segmentation

o Mobile and Endpoint security

o DMZ Architecture

o Access control and firewalls/UTM devices

o Remote Network Access (VPN)

o Distributed Denial of Service Prevention (DDoS)

o Anti-Malware/Virus (AV)

o Web Application Firewall Protection (WAF)

o Vulnerability Management process / governance

• An understanding of contemporary and legacy security IES technologies used within a particular domain, e.g. Firewalls, IDS/IPS, Security Information and Event Management (SIEM).

• A basic understanding of compliance issues (ISO 27001, NIST, DFARS, PCI, and CIS).

  • At least 3 years of experience in Infrastructure Architecture and Consulting & Systems Integration work in a professional services consulting capacity

  • At least 3 years of hands on technical experience in working on projects related to one of these areas:

  • Switches and firewalls, and firewall domains

  • DMZ secure design and B2B connectivity network design

  • VPN security configurations, and VPN plus private line ingress demarcations and policies

  • Secure traffic isolation across common switch, firewall, and load balancing components

  • Virtualized networks including basics of Virtual Routing and Forwarding

  • Understanding of Private VLAN versus standard VLAN partitioning Unified Threat Management (UTM), such as NetScaler

  • Network Address Translation (NAT), Enhanced Interior Gateway Routing Protocol (EIGRP) and the other network protocols

  • DNS server placement security and optimization

  • Readiness to travel 75% annually for assignments

IBM is committed to creating a diverse environment and is proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, or veteran status. IBM is also committed to compliance with all fair employment practices regarding citizenship and immigration status.